The beginning of 2019 was a good time for cyber criminals, as security experts detected a lot of new malware. But as February approached, some persistent malware threats that were active years ago appeared in the wild again. One is the Zeus virus, which had managed to carry out massive attacks and was first stopped in 2014, when security experts neutralized it. Another is the WannaCry ransomware, which is still active and has so far been spotted under different names.
This malware targets millions of users as well as organizations, and it has caused huge financial losses to its victims. So we researched and wrote down a list of the 10 most damaging malware threats still active in 2019.
These threats are designed mainly to steal sensitive data on the target system, including banking information.
So, let’s check out the list of the 10 most damaging malware threats of April 2019.
- Emotet banking Trojan: It is a data-stealing trojan that first appeared in 2014. This modular trojan mostly spreads through phishing emails that contain macro-enabled attachments. It broke out again in 2018, using modules to spread through networks. The Emotet trojan is designed to steal banking data on the attacked systems.
- ZeuS Trojan Virus: It is so far the most destructive info-stealer. It records the keystrokes of victims when they visit banking or other confidential sites. This trojan was first spotted in 2011, but was blocked by the security agencies. However, its authors made the source code public, which helped other malware authors design variants and carry out attacks.
- WannaCry Ransomware: It is file-encrypting malware categorized as ransomware, as it encrypts files of many different extensions and demands that the victim pay a huge ransom. It made various successful attacks in 2017. The attacks shook the whole world, hitting individual users and big organizations such as healthcare providers, institutions, governments and so on. It spread through the exploit kit known as EternalBlue over the SMB protocol.
- Kovter: It is detected as fileless malware that carries out various kinds of click fraud. It mostly spreads through spam email links and fake update links on malicious websites. It was first detected in May 2014 and attacked various countries. Apart from stealing financial data, it was also used as a ransomware threat that locked the screen and displayed a warning that the computer was blocked due to illegal online activities. To unblock the system, the victims needed to pay the author. It is very good at hiding its presence.
- Zeus Gameover: It is an infamous banking trojan and a variant of the Zeus family. It uses a peer-to-peer botnet to spread among users worldwide. It was used to collect information on the system that exposes banking credentials, credit card info, logins and so on. It uses a command & control server to communicate with the malware authors and to send and receive instructions.
- Dridex: It is a notorious banking trojan that spreads through phishing email campaigns. It was popular as a celebrity trojan in 2014, as it targets corporate users to steal their financial records and expose banking details. It is also detected as Worm.Win32.Cridex by various AV vendors, and it uses a complex structure that makes its detection on the targeted system tricky. It is still an active malware threat in 2019 and is being used by hackers.
- Dorkbot: It is used to spread other harmful malware, and it spreads through spam links. It was seen spreading in a malicious campaign on Skype, where users started receiving the message ‘Hey, is this your Skype profile pic?’; if the user clicks on the link, the worm installs on the system. It then exploits vulnerabilities to allow the hackers to take complete control of the computer.
- Pushdo: It is a botnet service that hackers use to spread other malware and spambots worldwide. It uses encryption algorithms to communicate with its authors remotely. Pushdo sends instructions to the zombie hosts through domain generation algorithms. Millions of spam emails were sent through this botnet, badly infecting systems with destructive malware.
- Gh0st: It is a RAT (Remote Access Trojan) that operates through GhostNet. It was used by cyber criminals to break into target computers and steal sensitive data. It gives malware authors backdoor entry so that they can take full control of the computer. It is a Windows-based malware program designed to attack Windows OS.
- Lokibot: It is yet another severe infostealer that was used to steal banking details, including login credentials, credit card details and other financial records. It is mainly distributed via spam email. It also haunts owners of cryptocurrency wallets by stealing their credentials.
How To Stay Safe From Malware
Here is a quick checklist that will help you avoid becoming a victim of such financial losses. With a little caution and a few precautions, we can do it.
- Install a real-time security program that updates its threat database regularly, for example HitmanPro.Alert.
- Do not open emails that arrive from an unknown sender before verifying them. Never be in too much of a hurry to download an attachment, even if its subject marks it as important. First verify the sender or scan the attachment.
- Always keep regular backups of your important documents, photos, files and so on. You can use both cloud and local backups. But local backups on hard drives or USB flash drives may also get infected, so it is better to use cloud backup solutions that can easily be accessed from any of your devices.
- Don’t ignore important updates for installed software and applications. Updates keep them free from vulnerabilities and bugs.
- Uninstall any unknown applications from your device. If an application does not allow manual removal from the Control Panel, you can use an uninstaller tool such as Express Uninstaller.