Check Point Software Technologies, a leading provider of cybersecurity solutions globally, has published its Global Threat Index for January 2023. January saw infostealer, Vidar, return to the top 10 list in seventh place after an increase in instances of brandjacking, and the launch of a major njRAT malware phishing campaign in the Middle East and North Africa.
In January, infostealer Vidar was seen spreading through fake domains claiming to be associated with remote desktop software company, AnyDesk. The malware used URL jacking for various popular applications to redirect people to a single IP address claiming to be the official AnyDesk website. Once downloaded, the malware masqueraded as a legitimate installer to steal sensitive information such as login credentials, passwords, cryptocurrency wallet data and banking details.
Researchers also identified a major campaign dubbed ‘Earth Bogle’, delivering the njRAT malware to targets across the Middle East and North Africa. The attackers used phishing emails containing geopolitical themes, enticing users to open malicious attachments. Once downloaded and opened, the Trojan can infect devices, allowing attackers to conduct numerous intrusive activities to steal sensitive information. njRAT came in at number 10 on the top malware list, having dropped off after September 2022.
“Once again, we’re seeing malware groups use trusted brands to spread viruses, with the aim of stealing personal identifiable information (PII),” said Maya Horowitz, VP Research at Check Point Software. “I cannot stress enough how important it is that people pay attention to the links they are clicking on to ensure they are legitimate URLs. Look out for the security padlock, which indicates an up-to-date SSL certificate and watch for any hidden typos that might suggest the website is malicious.”Click below to share this article