May 14, 2021
For the first time, AgentTesla has ranked second in the Check Point Research (CPR) Global Threat Index, while the established Dridex trojan is still the most prevalent malware, having risen to the top spot in March after being seventh in February.
This month, Dridex, a Trojan that targets the Windows platform, spread via a QuickBooks malspam campaign. The phishing emails used QuickBooks’s branding and tried to lure users with fake payment notifications and invoices. The emails asked the recipient to download a malicious Microsoft Excel attachment that could cause the system to be infected with Dridex.
This malware is often used as the initial infection stage in ransomware operations, where hackers will encrypt an organisation’s data and demand a ransom in order to decrypt it. Increasingly, these hackers are using double extortion methods, where they will steal sensitive data from an organisation and threaten to release it publicly unless a payment is made.