18th November 2021, Kathmandu
Botnets and banking trojans are two types of malware. According to the latest World Risk Index from security researcher Examine Level, Trickbot remained the most frequent malware infecting enterprises worldwide over the previous month.
The list ranks ten viruses that attacked businesses during that time period, stealing financial information, account credentials, personally identifying information, and more. This is a list of the ten most dangerous ‘viruses’ that have harmed businesses all across the world during this time period.
Trickbot: Banking virus
Hackers are continually updating Trickbot, a Botnet and Banking Trojan, with new functionality and distribution ways.
XMRig: Mines cryptocurrency
XMRig is an open-source CPU mining software tool that is used to mine the Monero cryptocurrency, as the name implies. It was originally discovered in the wild in May of 2017.
Remcos: Spreads through malicious Microsoft Workplace paperwork
Remcos made their first appearance in the wild in 2016. Remcos spreads via malicious Microsoft Office documents attached to spam emails, and it’s meant to get beyond Microsoft Windows UAC protection with high-level privileges.
Glupteba: Spreads by means of a browser, router
Glupteba is a backdoor that quickly evolved into a botnet. It spreads using BitCoin lists, has browser stealer features, and is a router exploiter.
Tofsee: Used to launch DDoS attacks, send spam emails, and mine cryptocurrency
Tofsee is a backdoor Trojan that has been active since at least 2013. Tofsee is used to launch DDoS attacks, send spam emails, and mine cryptocurrency, among other things.
Ramnit: Steals banking credentials, FTP passwords
Ramnit is a banking Trojan that steals banking credentials, FTP passwords, session cookies, and other sensitive data.
Agent Tesla: Works as keylogger and knowledge stealer
Agent Tesla is a keylogger and information thief capable of monitoring and collecting the victim’s keyboard input, system keyboard, screenshots, and exfiltrating credentials for a variety of software installed on the victim’s workstation (together with Google Chrome, Mozilla Firefox, and the Microsoft Outlook e-mail consumer).
Ursnif: Targets the Home windows platform
Ursnif is a Trojan horse that attacks the Windows operating system. It steals data from the Verifone POS (Point-of-Sale) cost software package. It connects to a remote server to upload the data and get directions.
Formbook: Takes screenshots and steals credentials from web browsers
Formbook is a data thief that harvests credentials from a variety of web browsers, takes screenshots, displays, and logs keystrokes, and may retrieve and execute records based on its C&C commands.
Nanocore: Aims for Windows-based gadgets
NanoCore is a RAT (Remote Access Trojan) that was first discovered in the wild in 2013. It is developed to attack the Windows operating system. All variants include base plugins and functions such as display screen seizing, cryptocurrency mining, remote desktop administration, and camera session stealing.
