Agent Tesla, Nanocore and 8 other ‘viruses’ that troubled companies worldwide most in the past one month

Botnet and banking trojan Trickbot remained the top of most prevalent malware affecting of organizations worldwide during the past one month, according to security researcher Check Point’s latest Global Threat Index. The list ranks 10 viruses that attacked companies during the period, stealing financial details, account credentials, and personally identifiable information and more. Here’s the list of these 10 dangerous ‘viruses’ that hurt companies worldwide during this period

110

​Trickbot: Banking virus

Trickbot is a modular Botnet and Banking Trojan that is constantly updated by hackers with new capabilities and distribution vectors.

GadgetsNow

210

​XMRig: Mines cryptocurrency

As the name suggests, XMRig is an open-source CPU mining software used for the mining process of the Monero cryptocurrency. It was first seen in the wild in May 2017.

GadgetsNow

310

​Remcos: Spreads via malicious Microsoft Office documents

Remcos first appeared in the wild in 2016. Remcos distributes itself through malicious Microsoft Office documents which are attached to spam emails and is designed to bypass Microsoft Windows UAC security with high-level privileges.

GadgetsNow

410

​Glupteba: Spreads through browser, router

Glupteba is a backdoor which has evolved into a botnet. It spreads through BitCoin lists, is an integral browser stealer capability and router exploiter.

GadgetsNow

510

​Tofsee: Used for DDoS attacks, send spam emails, mine cryptocurrencies

Tofsee too is a backdoor Trojan, operating since at least 2013. Tofsee is used for DDoS attacks, send spam emails, mine cryptocurrencies, and more.

GadgetsNow

610

​Ramnit: Steals banking credentials, FTP passwords

Ramnit is a banking Trojan that steals banking credentials, FTP passwords, session cookies and personal data.

GadgetsNow

710

​Agent Tesla: Works as keylogger and information stealer

Agent Tesla works as keylogger and information stealer, which is capable of monitoring and collecting the victim’s keyboard input, system keyboard, taking screenshots, and exfiltrating credentials to a variety of software installed on a victim’s machine (including Google Chrome, Mozilla Firefox and the Microsoft Outlook email client).

GadgetsNow

810

​Ursnif: Targets the Windows platform

Ursnif is a Trojan that targets the Windows platform. It steals information related to the Verifone Point-of-Sale (POS) payment software. It contacts a remote server to upload collected information and receive instructions.

GadgetsNow

910

​Formbook: Steals credentials from web browsers and takes collects screenshots

Formbook is an info stealer that harvests credentials from various web browsers, collects screenshots, monitors and logs keystrokes, and can download and execute files according to its C&C orders.

GadgetsNow

1010

​Nanocore: Targets Windows devices

NanoCore is a Remote Access Trojan (RAT) that was first observed in the wild in 2013. It targets Windows operating system. All versions feature base plugins and functionalities such as screen capture, crypto currency mining, remote control of the desktop and webcam session theft.