【図表】
【ブログ】
◆September 2019’s Most Wanted Malware: Emotet Botnet Starts Spreading Spam Campaigns Again After Three-Month Silence (Check Point, 2019/10/10)
https://blog.checkpoint.com/2019/10/10/september-2019s-most-wanted-malware-emotet-botnet-starts-spreading-spam-campaigns-again-after-three-month-silence/
【関連まとめ記事】
◆Check Point マルウェアランキング (まとめ)
http://malware-log.hatenablog.com/entry/Malware_Ranking
【ランキング】
■PC
順位 | マルウェア名 | 9月 | 8月 | 7月 | 6月 | 5月 | 4月 | 3月 | 2月 | 1月 | 12月 | 11月 | 10月 | 9月 | 8月 | 7月 | 6月 | 5月 |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | Jsecoin | 1 | 2 | 2 | 2 | 3 | 3 | 5 | 5 | 4 | 3 | 6 | 6 | 5 | 5 | 5 | 6 | 4 |
2 | XMRig | 2 | 1 | 1 | 1 | 2 | 2 | 3 | 4 | 2 | 2 | 9 | 7 | 8 | 7 | 7 | 7 | 7 |
3 | Agentesla | 3 | 5 | 6 | - | 10 | 7 | - | - | - | - | - | - | - | - | - | - | - |
4 | Formbook | 4 | 9 | 9 | 9 | - | - | - | - | - | - | - | - | - | - | - | - | - |
5 | Emotet | 5 | 7 | 4 | 5 | 4 | 4 | 2 | 3 | 5 | 5 | 7 | - | 10 | - | - | - | - |
6 | Trickbot | 6 | 4 | 7 | 10 | 8 | 8 | - | - | - | - | - | - | - | - | - | - | - |
7 | Cryptoloot | 7 | 8 | 10 | 3 | 1 | 1 | 1 | 2 | 3 | 4 | 2 | 2 | 3 | 4 | 2 | 2 | 2 |
8 | Dorkbot | 8 | 3 | 3 | 4 | 7 | 5 | 4 | 6 | 7 | 7 | 5 | 3 | 2 | 2 | 3 | 3 | 8 |
9 | Ramnit | 9 | 6 | 8 | 6 | 5 | 6 | 7 | 10 | 10 | 8 | - | 8 | 7 | 6 | 10 | 10 | - |
10 | Lokibot | 10 | 10 | - | - | 6 | 10 | 9 | - | 8 | - | - | - | - | - | - | - | - |
- | Nanocore | - | - | 5 | 8 | - | - | - | - | - | - | - | - | - | - | - | - | - |
- | Hawkeye | - | - | - | 7 | - | - | - | - | - | - | - | - | - | - | - | - | - |
- | Nivdort | - | - | - | - | 9 | - | 8 | 7 | 6 | 6 | 10 | - | - | 10 | - | 8 | - |
- | Sality | - | - | - | - | - | 9 | - | - | - | - | - | - | - | - | - | - | - |
- | Coinhive | - | - | - | - | - | - | 6 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
- | Mirai | - | - | - | - | - | - | 10 | - | - | - | - | - | - | - | - | - | - |
- | Gandcrab | - | - | - | - | - | - | - | 8 | 9 | - | - | - | - | - | - | - | - |
- | Smokeloader | - | - | - | - | - | - | - | - | - | 9 | - | - | - | - | - | - | - |
- | Authedmine | - | - | - | - | - | - | - | 9 | - | 10 | - | - | - | - | - | - | - |
- | Andromeda | - | - | - | - | - | - | - | - | - | - | 3 | 5 | 4 | 3 | 4 | 4 | 5 |
- | Roughted | - | - | - | - | - | - | - | - | - | - | 4 | 4 | 6 | 8 | 6 | 5 | 3 |
- | Conficker | - | - | - | - | - | - | - | - | - | - | 8 | 9 | 9 | 9 | 8 | - | 10 |
- | FlawedAmmyy RAT | - | - | - | - | - | - | - | - | - | - | - | 10 | - | - | - | - | - |
- | Fireball | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 6 |
- | Necurs | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 9 |
■モバイル
順位 | マルウェア名 | 9月 | 8月 | 7月 | 6月 | 5月 | 4月 |
---|---|---|---|---|---|---|---|
1 | Lotoor | 1 | 1 | 1 | 1 | 1 | 2 |
2 | AndroidBauts | 2 | 2 | 2 | - | - | - |
3 | Hiddad | 3 | - | - | - | 2 | 3 |
- | Triada | - | 3 | - | 2 | 3 | 1 |
- | Piom | - | - | 3 | - | - | - |
- | Ztorg | - | - | - | 3 | - | - |
■脆弱性
順位 | 脆弱性 | 9月 | 8月 | 7月 | 6月 | 5月 | 4月 |
---|---|---|---|---|---|---|---|
1 | MVPower DVR Remote Code Execution | 1 | 3 | 3 | - | - | - |
2 | Linux System Files Information Disclosure | 2 | - | - | - | - | - |
3 | Web Server Exposed Git Repository Information Disclosure | 3 | 8 | 4 | 4 | 2 | - |
4 | SQL Injection (several techniques) | 4 | 1 | 1 | 1 | 1 | - |
5 | OpenSSL TLS DTLS Heartbeat Information Disclosure | 5 | 2 | 2 | 2 | 3 | 1 |
6 | Command Injection Over HTTP | 6 | 4 | - | 7 | - | - |
7 | WordPress portable-phpMyAdmin Plugin Authentication Bypass | 7 | 5 | 7 | 6 | 10 | - |
8 | PHP DIESCAN information disclosure | 8 | 7 | 6 | 5 | 7 | - |
9 | Joomla Object Injection Remote Command Execution) | 9 | 6 | 5 | 3 | 4 | - |
10 | D-Link DSL-2750B Remote Command Execution | 10 | 10 | 9 | 9 | 8 | - |
- | Hikvision IP Cameras Information Disclosure | - | - | - | - | - | - |
- | OpenDreamBox WebAdmin Plugin Remote Code Execution | - | - | 8 | - | - | - |
- | Apache Struts2 Content-Type Remote Code Execution (CVE-2017-5638) | - | - | - | 8 | 6 | 3 |
- | Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269) | - | - | - | 10 | 5 | 2 |