【ランキング】
■PC
| 順位 | マルウェア名 | 5月 | 4月 | 3月 | 2月 | 1月 | 12 月 | 11 月 | 10月 | 9月 | 8月 | 7月 | 6月 | 5月 | 4月 | 3月 | 2月 | 1月 | 12月 | 11月 | 10月 | 9月 | 8月 | 7月 | 6月 | 5月 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Dridex | 1 | 1 | 3 | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 2 | Agentesla | 2 | 3 | 6 | 6 | 4 | 4 | 9 | 8 | 3 | 5 | 6 | - | 10 | 7 | - | - | - | - | - | - | - | - | - | - | - |
| 3 | XMRig | 3 | 2 | 1 | 1 | 2 | 2 | 2 | 2 | 2 | 1 | 1 | 1 | 2 | 2 | 3 | 4 | 2 | 2 | 9 | 7 | 8 | 7 | 7 | 7 | 7 |
| 4 | Formbook | 4 | 7 | 7 | 8 | 5 | 8 | 4 | 9 | 4 | 9 | 9 | 9 | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 5 | Ursnif | 5 | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 6 | Emotet | 6 | 9 | 5 | 2 | 1 | 1 | 1 | 1 | 5 | 7 | 4 | 5 | 4 | 4 | 2 | 3 | 5 | 5 | 7 | - | 10 | - | - | - | - |
| 7 | Trickbot | 7 | 5 | 4 | 4 | 3 | 3 | 3 | 3 | 6 | 4 | 7 | 10 | 8 | 8 | - | - | - | - | - | - | - | - | - | - | - |
| 8 | Ramnit | 8 | 6 | 9 | 7 | 6 | 6 | 6 | 6 | 9 | 6 | 8 | 6 | 5 | 6 | 7 | 10 | 10 | 8 | - | 8 | 7 | 6 | 10 | 10 | - |
| 9 | Glupteba | 9 | - | - | 10 | - | - | 10 | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 10 | Lokibot | 10 | - | 8 | 5 | 8 | 5 | - | 7 | 10 | 10 | - | - | 6 | 10 | 9 | - | 8 | - | - | - | - | - | - | - | - |
| - | Jsecoin | - | 4 | 2 | 3 | - | - | - | 4 | 1 | 2 | 2 | 2 | 3 | 3 | 5 | 5 | 4 | 3 | 6 | 6 | 5 | 5 | 5 | 6 | 4 |
| - | xHelper | - | 8 | - | - | 10 | 10 | 8 | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| - | RigEK | - | 10 | 10 | - | - | 7 | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| - | Vidar | - | - | - | 9 | 7 | - | 7 | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| - | Hawkeye | - | - | - | - | 9 | - | - | - | - | - | - | 7 | - | - | - | - | - | - | - | - | - | - | - | - | - |
| - | Nanocore | - | - | - | - | - | 9 | - | - | - | - | 5 | 8 | - | - | - | - | - | - | - | - | - | - | - | - | - |
| - | Dorkbot | - | - | - | - | - | - | 5 | 5 | 8 | 3 | 3 | 4 | 7 | 5 | 4 | 6 | 7 | 7 | 5 | 3 | 2 | 2 | 3 | 3 | 8 |
| - | Cryptoloot | - | - | - | - | - | - | - | 10 | 7 | 8 | 10 | 3 | 1 | 1 | 1 | 2 | 3 | 4 | 2 | 2 | 3 | 4 | 2 | 2 | 2 |
| - | Nivdort | - | - | - | - | - | - | - | - | - | - | - | - | 9 | - | 8 | 7 | 6 | 6 | 10 | - | - | 10 | - | 8 | - |
| - | Sality | - | - | - | - | - | - | - | - | - | - | - | - | - | 9 | - | - | - | - | - | - | - | - | - | - | - |
| - | Coinhive | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 6 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
| - | Mirai | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 10 | - | - | - | - | - | - | - | - | - | - |
| - | Gandcrab | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 8 | 9 | - | - | - | - | - | - | - | - |
| - | Smokeloader | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 9 | - | - | - | - | - | - | - |
| - | Authedmine | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 9 | - | 10 | - | - | - | - | - | - | - |
| - | Andromeda | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 3 | 5 | 4 | 3 | 4 | 4 | 5 |
| - | Roughted | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 4 | 4 | 6 | 8 | 6 | 5 | 3 |
| - | Conficker | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 8 | 9 | 9 | 9 | 8 | - | 10 |
| - | FlawedAmmyy RAT | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 10 | - | - | - | - | - |
| - | Fireball | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 6 |
| - | Necurs | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - | 9 |
■モバイル
| 順位 | マルウェア名 | 5月 | 4月 | 3月 | 2月 | 1月 | 12月 | 11月 | 10月 | 9月 | 8月 | 7月 | 6月 | 5月 | 4月 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | PreAmo | 1 | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 2 | Necro | 2 | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 3 | Hiddad | 3 | - | - | 2 | 3 | 3 | - | - | 3 | - | - | - | 2 | 3 |
| - | xHelper | - | 1 | 1 | 1 | 1 | 1 | 1 | - | - | - | - | - | - | - |
| - | Lotoor | - | 2 | 3 | - | - | - | 3 | 2 | 1 | 1 | 1 | 1 | 1 | 2 |
| - | AndroidBauts | - | 3 | 2 | - | - | - | - | 3 | 2 | 2 | 2 | - | - | - |
| - | Guerrilla | - | - | - | 3 | 2 | 2 | 2 | 1 | - | - | - | - | - | - |
| - | Triada | - | - | - | - | - | - | - | - | - | 3 | - | 2 | 3 | 1 |
| - | Piom | - | - | - | - | - | - | - | - | - | - | 3 | - | - | - |
| - | Ztorg | - | - | - | - | - | - | - | - | - | - | - | 3 | - | - |
■脆弱性
| 順位 | 脆弱性 | 5月 | 4月 | 3月 | 2月 | 1月 | 12月 | 11月 | 10月 | 9月 | 8月 | 7月 | 6月 | 5月 | 4月 | 3月 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | MVPower DVR Remote Code Execution | 1 | 1 | 1 | 1 | 1 | 2 | 3 | 3 | 1 | 3 | 3 | - | - | - | - |
| 2 | OpenSSL TLS DTLS Heartbeat Information Disclosure | 2 | 2 | 3 | 2 | 5 | 6 | 2 | 2 | 5 | 2 | 2 | 2 | 3 | 1 | 3 |
| 3 | Web Server Exposed Git Repository Information Disclosure | 3 | - | 4 | 7 | 2 | 3 | - | 5 | 3 | 8 | 4 | 4 | 2 | - | 2 |
| 4 | Dasan GPON Router Authentication Bypass (CVE-2018-10561) | 4 | 4 | 5 | 4 | 4 | 7 | 9 | - | - | - | - | - | - | - | - |
| 5 | Draytek Vigor Command Injection (CVE-2020-8515) | 5 | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 6 | Apache Struts2 Content-Type Remote Code Execution (CVE-2017-5638) | 6 | - | - | - | 6 | - | 5 | 10 | - | - | - | 8 | 6 | 3 | - |
| 7 | PHP DIESCAN information disclosure | 7 | 6 | 8 | 3 | 3 | 9 | 6 | 4 | 8 | 7 | 6 | 5 | 7 | - | - |
| 8 | OpenSSL Padding Oracle Information Disclosure (CVE-2016-2107) | 8 | 9 | 10 | - | - | - | 10 | 9 | - | - | - | - | - | - | - |
| 9 | PHP php-cgi Query String Parameter Code Execution | 9 | - | 2 | 6 | - | - | - | - | - | - | - | - | - | - | - |
| 10 | D-Link DSL-2750B Remote Command Execution | 10 | 8 | 7 | - | 10 | 5 | - | - | 10 | 10 | 9 | 9 | 8 | - | - |
| - | Command Injection Over HTTP | - | 3 | - | 9 | 8 | 1 | 4 | 8 | 6 | 4 | - | 7 | - | - | - |
| - | SQL Injection (several techniques) | - | 5 | 9 | 5 | 7 | 4 | 1 | 1 | 4 | 1 | 1 | 1 | 1 | - | - |
| - | WordPress portable-phpMyAdmin Plugin Authentication Bypass | - | 7 | - | 8 | 9 | 8 | 7 | 6 | 7 | 5 | 7 | 6 | 10 | - | - |
| - | Joomla Object Injection Remote Command Execution) | - | 10 | - | - | - | 10 | 8 | 7 | 9 | 6 | 5 | 3 | 4 | - | - |
| - | Huawei HG532 Router Remote Code Execution | - | - | 6 | - | - | - | - | - | - | - | - | - | - | - | - |
| - | Web Server Enforcement Violation | - | - | - | 10 | - | - | - | - | - | - | - | - | - | - | - |
| - | Linux System Files Information Disclosure | - | - | - | - | - | - | - | - | 2 | - | - | - | - | - | - |
| - | Hikvision IP Cameras Information Disclosure | - | - | - | - | - | - | - | - | - | - | - | - | - | - | - |
| - | OpenDreamBox WebAdmin Plugin Remote Code Execution | - | - | - | - | - | - | - | - | - | - | 8 | - | - | - | - |
| - | Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269) | - | - | - | - | - | - | - | - | - | - | - | 10 | 5 | 2 | 1 |
【ニュース】
◆トロイの木馬「Emotet」が第1位 - 10月マルウェアランキング (マイナビニュース, 2019/11/14 07:17)
https://news.mynavi.jp/article/20191114-923038/
◆暗号通貨マイナーのXMRigが1位、7月マルウェアランキング (マイナビニュース, 2019/08/11 10:38)
https://news.mynavi.jp/article/20190811-874793/
⇒ https://malware-log.hatenablog.com/entry/2019/08/11/000000
◆大規模ボットネットが息を潜めてアップグレード、6月マルウェアランキング (マイナビニュース, 2019/07/11 10:55)
https://news.mynavi.jp/article/20190711-857435/
⇒ https://malware-log.hatenablog.com/entry/2019/07/11/000000_1
◆確定申告狙うトロイの木馬に注目 - 4月マルウェアランキング (マイナビニュース, 2019/05/15)
https://news.mynavi.jp/article/20190515-823710/
⇒ https://malware-log.hatenablog.com/entry/2019/05/15/000000_9
◆仮想通貨マイニング「Coinhive」6位に陥落 - 3月マルウェアランキング (マイナビニュース, 2019/04/12 10:10)
https://news.mynavi.jp/article/20190412-807242/
⇒ http://malware-log.hatenablog.com/entry/2019/04/12/000000_12
◆2月マルウェアランキング - 今月もCoinhiveが第1位 (マイナビニュース, 2019/03/14 13:16)
https://news.mynavi.jp/article/20190314-788138/
◆1月マルウェアランキング、Linuxサーバ狙う新マルウェア観測 (マイナビニュース, 2019/02/15 07:15)
https://news.mynavi.jp/article/20190215-771452/
⇒ http://malware-log.hatenablog.com/entry/2019/02/15/000000
◆仮想通貨マイニングが上位独占 - 12月マルウェアランキング (マイナビニュース, 2019/01/15 13:45)
https://news.mynavi.jp/article/20190115-756719/
⇒ http://malware-log.hatenablog.com/entry/2019/01/15/000000_5
◆トロイの木馬が再活性化 - 8月マルウェアランキング (マイナビニュース, 2018/09/13 11:15)
https://news.mynavi.jp/article/20180913-692140/
⇒ http://malware-log.hatenablog.com/entry/2018/09/13/000000
◆IoTを対象とした攻撃増加、7月マルウェアランキング (マイナビニュース, 2018/08/17 10:20)
https://news.mynavi.jp/article/20180817-679298/
⇒ http://malware-log.hatenablog.com/entry/2018/08/17/000000
◆バンキング型トロイの木馬が増加 - 6月マルウェアランキング (マイナビニュース, 2018/07/06 12:47)
https://news.mynavi.jp/article/20180706-660076/
⇒ http://malware-log.hatenablog.com/entry/2018/07/06/000000_6
【ブログ】
◆January 2020’s Most Wanted Malware: Coronavirus-themed spam spreads malicious Emotet malware (Check Point, 2020/02/13)
https://blog.checkpoint.com/2020/02/13/january-2020s-most-wanted-malware-coronavirus-themed-spam-spreads-malicious-emotet-malware/
⇒ https://malware-log.hatenablog.com/entry/2020/02/13/000000
◆December 2019’s Most Wanted Malware: Greta Thunberg-themed Spam Used to Spread Emotet Malware (Check Point, 2020/01/13)
https://blog.checkpoint.com/2020/01/13/december-2019s-most-wanted-malware-greta-thunberg-themed-spam-used-to-spread-emotet-malware/
⇒ https://malware-log.hatenablog.com/entry/2020/01/13/000000
◆November 2019’s Most Wanted Malware: Researchers Warn of Fast-growing Mobile Threat While Emotet’s Impact Declines (Check Point, 2019/12/11)
https://blog.checkpoint.com/2019/12/11/november-2019s-most-wanted-malware-researchers-warn-of-fast-growing-mobile-threat-while-emotets-impact-declines/
⇒ https://malware-log.hatenablog.com/entry/2019/12/11/000000_4
◆October 2019’s Most Wanted Malware: the Decline of Cryptominers Continues, as Emotet Botnet Expands Rapidly (Check Point, 2019/11/12)
https://blog.checkpoint.com/2019/11/12/october-2019s-most-wanted-malware-the-decline-of-cryptominers-continues-as-emotet-botnet-expands-rapidly/
⇒ https://malware-log.hatenablog.com/entry/2019/11/12/000000_8
◆September 2019’s Most Wanted Malware: Emotet Botnet Starts Spreading Spam Campaigns Again After Three-Month Silence (Check Point, 2019/10/10)
https://blog.checkpoint.com/2019/10/10/september-2019s-most-wanted-malware-emotet-botnet-starts-spreading-spam-campaigns-again-after-three-month-silence/
⇒ https://malware-log.hatenablog.com/entry/2019/11/12/000000_8
◆August 2019’s Most Wanted Malware: Echobot Launches Widespread Attack Against IoT Devices (Check point, 2019/09/12)
https://blog.checkpoint.com/2019/09/12/august-2019s-most-wanted-malware-echobot-launches-widespread-attack-against-iot-devices/
⇒ https://malware-log.hatenablog.com/entry/2019/09/12/000000_3
◆July 2019’s Most Wanted Malware: Vulnerability in OpenDreamBox 2.0.0 WebAdmin Plugin Enables Attackers to Execute Commands Remotely (CheckPoint, 2019/08/08)
https://blog.checkpoint.com/2019/08/08/july-2019s-most-wanted-malware-vulnerability-in-opendreambox-2-0-0-webadmin-plugin-enables-attackers-to-execute-commands-remotely/
⇒ https://malware-log.hatenablog.com/entry/2019/08/08/000000_8
◆November 2018’s Most Wanted Malware: The Rise of the Thanksgiving Day Botnet (Check Point, 2018/12/11)
https://blog.checkpoint.com/2018/12/11/november-2018s-most-wanted-malware-the-rise-of-the-thanksgiving-day-botnet/
⇒ http://malware-log.hatenablog.com/entry/2018/12/11/000000_4
◆October 2018’s Most Wanted Malware: For The First Time, Remote Access Trojan Reaches Top 10 Threats (Check Point, 2018/11/13)
https://blog.checkpoint.com/2018/11/13/october-2018s-most-wanted-malware-for-the-first-time-remote-access-trojan-reaches-top-threats-cryptomining/
⇒ http://malware-log.hatenablog.com/entry/2018/11/13/000000_11
◆September 2018’s Most Wanted Malware: Cryptomining Attacks Against Apple Devices On The Rise (Check Point, 2018/10/15)
https://blog.checkpoint.com/2018/10/15/september-2018s-most-wanted-malware-cryptomining-attacks-against-apple-devices-on-the-rise/
⇒ http://malware-log.hatenablog.com/entry/2018/10/15/000000_9
◆August’s Most Wanted Malware: Banking Trojan Attacks Turn up the Heat (Check Point, 2018/09/11)
https://blog.checkpoint.com/2018/09/11/augusts-most-wanted-malware-banking-trojan-attacks-turn-up-the-heat/
⇒ http://malware-log.hatenablog.com/entry/2018/09/11/000000_11
◆June’s Most Wanted Malware: Banking Trojans Up 50% Among Threat Actors (Check Point, 2018/07/05)
https://blog.checkpoint.com/2018/07/05/junes-most-wanted-malware-banking-trojans-crypto-mining/
⇒ http://malware-log.hatenablog.com/entry/2018/07/05/000000_7
◆May’s Most Wanted Malware: Cryptomining Malware Digs into Nearly 40% of Organizations Globally (Check Point, 2018/06/07)
https://blog.checkpoint.com/2018/06/07/mays-wanted-malware/
⇒ http://malware-log.hatenablog.com/entry/2018/06/07/000000_8
◆April 2019’s Most Wanted Malware: Cybercriminals up to Old ‘TrickBots’ Again (Check Point, 2019/05/14)
https://blog.checkpoint.com/2019/05/14/april-2019s-most-wanted-malware-cybercriminals-up-to-old-trickbots-crypto-cryptomining-security-ryuk/
⇒ https://malware-log.hatenablog.com/entry/2019/05/14/000000_5
◆May 2019’s Most Wanted Malware: Patch Now to Avoid the BlueKeep Blues (Check Point, 2019/06/13)
https://blog.checkpoint.com/2019/06/13/may-2019-most-wanted-malware-bluekeep-microsoft-rdp-cryptocurrency-malware/
⇒ https://malware-log.hatenablog.com/entry/2019/06/13/000000_8
【関連まとめ記事】
◆資料・報告書 (まとめ)
https://malware-log.hatenablog.com/entry/Report