The Trojan Emotet is on the decline. This shows the current malware topten from Check Point. The reason, apparently, is Microsoft’s decision to block macros in Office programs by default. […]
After the Trojan Emotet has repeatedly topped the “Most Wanted Malware” list of Check Point Software Technologies – so in March with 10 and in February even with 18 percent distribution rate -, the malicious program is on the decline, at least in Switzerland. In April 2022, the Trojan will “only” come in third place there with a rate of 1.5 percent, which it shares with the Infostealer Formbook.
Emotet is still at the top worldwide. But globally, the prevalence rate has also fallen from 10 percent in March to 6 percent in April.
With its malware “hit parade”, the cybersecurity specialist determines the malware types that the Check Point research team has found and filtered out most frequently on corporate computers in Switzerland and worldwide every month.
According to the security researchers at Check Point, one reason for the significantly lower distribution of Emotet can be seen in the fact that Microsoft has been blocking VBA macros (Visual Basic for Applications) downloaded with files from the Internet by default in office programs since April 2022.
However, Check Point can not give an all-clear. Because the cybercriminals have apparently discovered a new method to spread Emotet. For example, phishing emails containing a OneDrive URL have recently been sent. Behind the URL are ZIP files that contain Microsoft Excel add-in files (XLL) with a name similar to the subject line of the email. If these XLL files are opened and executed, Emotet infects the Windows PC with malware. In addition, information is often stolen or backdoors are created for the use of other malware.
|Rank||Malware family||Type of malware||Global distribution|
|1||AgentTesla||Remote Access Trojans||2.45%|
|6||Lake Tofsee||Trojans with reloading function||0.97%|
|8||Remcos||Remote Access Trojans||1.08%|
|8||BLINDINGCAN||Remote Access Trojans||0.48%|
*Jens Stark is an author at COM!professional.