【Blog】
◆December 2019’s Most Wanted Malware: Greta Thunberg-themed Spam Used to Spread Emotet Malware (Check Point, 2020/01/13)
https://blog.checkpoint.com/2020/01/13/december-2019s-most-wanted-malware-greta-thunberg-themed-spam-used-to-spread-emotet-malware/
【Related summary articles】
◆Check Point Malware Ranking (Summary)
http://malware-log.hatenablog.com/entry/Malware_Ranking
【Ranking】
■PC
Rank | Malware | Dec | Nov | Oct | Sep | Aug | Jul | Jun | May | Apr | Mar | Feb | Jan | Dec | Nov | Oct | Sep | Aug | Jul | Jun | May |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | Emotet | 1 | 1 | 1 | 5 | 7 | 4 | 5 | 4 | 4 | 2 | 3 | 5 | 5 | 7 | - | 10 | - | - | - | - |
2 | XMRig | 2 | 2 | 2 | 2 | 1 | 1 | 1 | 2 | 2 | 3 | 4 | 2 | 2 | 9 | 7 | 8 | 7 | 7 | 7 | 7 |
3 | Trickbot | 3 | 3 | 3 | 6 | 4 | 7 | 10 | 8 | 8 | - | - | - | - | - | - | - | - | - | - | - |
4 | Agentesla | 4 | 9 | 8 | 3 | 5 | 6 | - | 10 | 7 | - | - | - | - | - | - | - | - | - | - | - |
5 | Lokibot | 5 | - | 7 | 10 | 10 | - | - | 6 | 10 | 9 | - | 8 | - | - | - | - | - | - | - | - |
6 | Ramnit | 6 | 6 | 6 | 9 | 6 | 8 | 6 | 5 | 6 | 7 | 10 | 10 | 8 | - | 8 | 7 | 6 | 10 | 10 | - |
7 | RigEK | 7 | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
8 | Formbook | 8 | 4 | 9 | 4 | 9 | 9 | 9 | - | - | - | - | - | - | - | - | - | - | - | - | - |
9 | Nanocore | 9 | - | - | - | - | 5 | 8 | - | - | - | - | - | - | - | - | - | - | - | - | - |
10 | XHelper | 10 | 8 | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
- | Dorkbot | - | 5 | 5 | 8 | 3 | 3 | 4 | 7 | 5 | 4 | 6 | 7 | 7 | 5 | 3 | 2 | 2 | 3 | 3 | 8 |
- | Vidar | - | 7 | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
- | Glupteba | - | 10 | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
- | Jsecoin | - | - | 4 | 1 | 2 | 2 | 2 | 3 | 3 | 5 | 5 | 4 | 3 | 6 | 6 | 5 | 5 | 5 | 6 | 4 |
- | Cryptoloot | - | - | 10 | 7 | 8 | 10 | 3 | 1 | 1 | 1 | 2 | 3 | 4 | 2 | 2 | 3 | 4 | 2 | 2 | 2 |
- | Hawkeye | - | - | - | - | - | - | 7 | - | - | - | - | - | - | - | - | - | - | - | - | - |
- | Nivdort | - | - | - | - | - | - | - | 9 | - | 8 | 7 | 6 | 6 | 10 | - | - | 10 | - | 8 | - |
- | Sality | - | - | - | - | - | - | - | - | 9 | - | - | - | - | - | - | - | - | - | - | - |
- | Coinhive | - | - | - | - | - | - | - | - | - | 6 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
- | Mirai | - | - | - | - | - | - | - | - | - | 10 | - | - | - | - | - | - | - | - | - | - |
- | Gandcrab | - | - | - | - | - | - | - | - | - | - | 8 | 9 | - | - | - | - | - | - | - | - |
- | Smokeloader | - | - | - | - | - | - | - | - | - | - | - | - | 9 | - | - | - | - | - | - | - |
- | Authedmine | - | - | - | - | - | - | - | - | - | - | 9 | - | 10 | - | - | - | - | - | - | - |
- | Andromeda | - | - | - | - | - | - | - | - | - | - | - | - | - | 3 | 5 | 4 | 3 | 4 | 4 | 5 |
- | Roughted | - | - | - | - | - | - | - | - | - | - | - | - | - | 4 | 4 | 6 | 8 | 6 | 5 | 3 |
- | Conficker | - | - | - | - | - | - | - | - | - | - | - | - | - | 8 | 9 | 9 | 9 | 8 | - | 10 |
- | FlawedAmmyy RAT | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 10 | - | - | - | - | - |
- | Fireball | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 6 |
- | Necurs | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 9 |
■Mobile
Rank | Malware | Dec | Nov | Oct | Sep | Aug | Jul | Jun | May | Apr |
---|---|---|---|---|---|---|---|---|---|---|
1 | xHelper | 1 | 1 | - | - | - | - | - | - | - |
2 | Guerrilla | 2 | 2 | 1 | - | - | - | - | - | - |
3 | Hiddad | 3 | - | - | 3 | - | - | - | 2 | 3 |
- | Lotoor | - | 3 | 2 | 1 | 1 | 1 | 1 | 1 | 2 |
- | AndroidBauts | - | - | 3 | 2 | 2 | 2 | - | - | - |
- | Triada | - | - | - | - | 3 | - | 2 | 3 | 1 |
- | Piom | - | - | - | - | - | 3 | - | - | - |
- | Ztorg | - | - | - | - | - | - | 3 | - | - |
■Vulnerabilities
Rank | Vulnerability | Dec | Nov | Oct | Sep | Aug | Jul | Jun | May | Apr | Mar |
---|---|---|---|---|---|---|---|---|---|---|---|
1 | Command Injection Over HTTP | 1 | 4 | 8 | 6 | 4 | - | 7 | - | - | - |
2 | MVPower DVR Remote Code Execution | 2 | 3 | 3 | 1 | 3 | 3 | - | - | - | - |
3 | Web Server Exposed Git Repository Information Disclosure | 3 | - | 5 | 3 | 8 | 4 | 4 | 2 | - | 2 |
4 | SQL Injection (several techniques) | 4 | 1 | 1 | 4 | 1 | 1 | 1 | 1 | - | - |
5 | D-Link DSL-2750B Remote Command Execution | 5 | - | - | 10 | 10 | 9 | 9 | 8 | - | - |
6 | OpenSSL TLS DTLS Heartbeat Information Disclosure | 6 | 2 | 2 | 5 | 2 | 2 | 2 | 3 | 1 | 3 |
7 | Dasan GPON Router Authentication Bypass (CVE-2018-10561) | 7 | 9 | - | - | - | - | - | - | - | - |
8 | WordPress portable-phpMyAdmin Plugin Authentication Bypass | 8 | 7 | 6 | 7 | 5 | 7 | 6 | 10 | - | - |
9 | PHP DIESCAN information disclosure | 9 | 6 | 4 | 8 | 7 | 6 | 5 | 7 | - | - |
10 | Joomla Object Injection Remote Command Execution | 10 | 8 | 7 | 9 | 6 | 5 | 3 | 4 | - | - |
- | Apache Struts2 Content-Type Remote Code Execution (CVE-2017-5638) | - | 5 | 10 | - | - | - | 8 | 6 | 3 | - |
- | OpenSSL Padding Oracle Information Disclosure (CVE-2016-2107) | - | 10 | 9 | - | - | - | - | - | - | - |
- | Linux System Files Information Disclosure | - | - | - | 2 | - | - | - | - | - | - |
- | Hikvision IP Cameras Information Disclosure | - | - | - | - | - | - | - | - | - | - |
- | OpenDreamBox WebAdmin Plugin Remote Code Execution | - | - | - | - | - | 8 | - | - | - | - |
- | Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269) | - | - | - | - | - | - | 10 | 5 | 2 | 1 |