TT Malware Log

A "personal" investigation, research and reference log on malware / cyber attacks / analysis techniques

Check Point Malware Rankings (Summary)

【Rankings】

■PC

Rank Malware Jan Dec Nov Oct Sep Aug Jul Jun May Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May
1 Emotet 1 1 5 1 1 1 1 7 6 9 5 2 1 1 1 1 5 7 4 5 4 4 2 3 5 5 7 - 10 - - - -
2 Phorpiex 2 - 1 - - - - 2 - - - - - - - - - - - - - - - - - - - - - - - - -
3 Trickbot 3 2 6 2 2 4 4 5 7 5 4 4 3 3 3 3 6 4 7 10 8 8 - - - - - - - - - - -
4 Dridex 4 4 2 4 3 - 2 4 1 1 3 - - - - - - - - - - - - - - - - - - - - - -
5 XMRig 5 5 7 7 5 5 6 3 3 2 1 1 2 2 2 2 2 1 1 1 2 2 3 4 2 2 9 7 8 7 7 7 7
6 Formbook 6 3 4 5 - 3 5 9 4 7 7 8 5 8 4 9 4 9 9 9 - - - - - - - - - - - - -
7 Hiddad 7 7 3 3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
8 Qbot 8 6 10 6 6 10 - - - - - - - - - - - - - - - - - - - - - - - - - - -
9 RigEK 9 8 8 - 10 8 10 - - 10 10 - - 7 - - - - - - - - - - - - - - - - - - -
10 Ramnit 10 9 - 10 8 6 8 6 8 6 9 7 6 6 6 6 9 6 8 6 5 6 7 10 10 8 - 8 7 6 10 10 -
- Glupteba - 10 - - 7 7 9 8 9 - - 10 - - 10 - - - - - - - - - - - - - - - - - -
- Zloader - - 9 8 - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- xHelper - - - 9 - - - - - 8 - - 10 10 8 - - - - - - - - - - - - - - - - - -
- AgentTesla - - - - 4 2 3 1 2 3 6 6 4 4 9 8 3 5 6 - 10 7 - - - - - - - - - - -
- Valak - - - - 9 - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Remcos - - - - - 9 - - - - - - - - - - - - - - - - - - - - - - - - - - -
- Mirai - - - - - - 7 - - - - - - - - - - - - - - - 10 - - - - - - - - - -
- NetwiredRC - - - - - - - 10 - - - - - - - - - - - - - - - - - - - - - - - - -
- Ursnif - - - - - - - - 5 - - - - - - - - - - - - - - - - - - - - - - - -
- Lokibot - - - - - - - - 10 - 8 5 8 5 - 7 10 10 - - 6 10 9 - 8 - - - - - - - -
- Jsecoin - - - - - - - - - 4 2 3 - - - 4 1 2 2 2 3 3 5 5 4 3 6 6 5 5 5 6 4
- xHelper - - - - - - - - - 8 - - 10 10 8 - - - - - - - - - - - - - - - - - -
- Vidar - - - - - - - - - - - 9 7 - 7 - - - - - - - - - - - - - - - - - -
- Hawkeye - - - - - - - - - - - - 9 - - - - - - 7 - - - - - - - - - - - - -
- Nanocore - - - - - - - - - - - - - 9 - - - - 5 8 - - - - - - - - - - - - -
- Dorkbot - - - - - - - - - - - - - - 5 5 8 3 3 4 7 5 4 6 7 7 5 3 2 2 3 3 8
- Cryptoloot - - - - - - - - - - - - - - - 10 7 8 10 3 1 1 1 2 3 4 2 2 3 4 2 2 2
- Nivdort - - - - - - - - - - - - - - - - - - - - 9 - 8 7 6 6 10 - - 10 - 8 -
- Sality - - - - - - - - - - - - - - - - - - - - - 9 - - - - - - - - - - -
- Coinhive - - - - - - - - - - - - - - - - - - - - - - 6 1 1 1 1 1 1 1 1 1 1
- Gandcrab - - - - - - - - - - - - - - - - - - - - - - - 8 9 - - - - - - - -
- Smokeloader - - - - - - - - - - - - - - - - - - - - - - - - - 9 - - - - - - -
- Authedmine - - - - - - - - - - - - - - - - - - - - - - - 9 - 10 - - - - - - -
- Andromeda - - - - - - - - - - - - - - - - - - - - - - - - - - 3 5 4 3 4 4 5
- Roughted - - - - - - - - - - - - - - - - - - - - - - - - - - 4 4 6 8 6 5 3
- Conficker - - - - - - - - - - - - - - - - - - - - - - - - - - 8 9 9 9 8 - 10
- FlawedAmmyy RAT - - - - - - - - - - - - - - - - - - - - - - - - - - - 10 - - - - -
- Fireball - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 6
- Necurs - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 9


■Mobile

Rank Malware Jan Dec Nov Oct Sep Aug Jul Jun May Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May Apr
1 Hiddad 1 1 1 1 3 3 - 2 3 - - 2 3 3 - - 3 - - - 2 3
2 xHelper 2 2 2 2 1 1 1 - - 1 1 1 1 1 1 - - - - - - -
3 Triada 3 3 - - - - - - - - - - - - - - - - - - - -
- Lotoor - - 3 3 - - - 3 - 2 3 - - - 3 2 1 1 1 1 1 2
- Xafekopy - - - - - - - - - - - - - - - - - - - 3 - -
- Necro - - - - - 2 2 1 2 - - - - - - - - - - - - -
- PreAmo - - - - - - 3 - 1 - - - - - - - - - - - - -
- AndroidBauts - - - - - - - - - 3 2 - - - - 3 2 2 2 - - -
- Guerrilla - - - - - - - - - - - 3 2 2 2 1 - - - - - -
- Triada - - - - - - - - - - - - - - - - - 3 - 2 3 1
- Piom - - - - - - - - - - - - - - - - - - 3 - - -
- Ztorg - - - - - - - - - - - - - - - - - - - 3 - -


■Vulnerabilities

Rank Vulnerability Jan Dec Nov Oct Sep Aug Jul Jun May Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May Apr Mar
1 MVPower DVR Remote Code Execution 1 1 2 1 1 2 1 2 1 1 1 1 1 2 3 3 1 3 3 - - - -
2 HTTP Headers Remote Code Execution (CVE-2020-13756) 2 2 1 3 4 6 5 6 - - - - - - - - - - - - - - -
3 Dasan GPON Router Authentication Bypass (CVE-2018-10561) 3 4 3 2 2 3 4 4 4 4 5 4 4 7 9 - - - - - - - -
4 Command Injection Over HTTP Payload 4 5 5 - 8 9 3 - - 3 - 9 8 1 4 8 6 4 - 7 - - -
5 Web Server Exposed Git Repository Information Disclosure 5 3 4 7 5 1 7 3 3 - 4 7 2 3 - 5 3 8 4 4 2 - 2
6 SQL Injection (several techniques) 6 8 8 8 8 8 8 5 - 5 9 5 7 4 1 1 4 1 1 1 1 - -
7 Draytek Vigor Command Injection (CVE-2020-8515) 7 9 7 4 6 4 - - - - - - - - - - - - - - - - -
8 WordPress portable-phpMyAdmin Plugin Authentication Bypass 8 - 10 6 - - 10 7 - 7 - 8 9 8 7 6 7 5 7 6 10 - -
9 PHP DIESCAN information disclosure 9 - - 10 - - - 9 7 6 8 3 3 9 6 4 8 7 6 5 7 - -
10 PHP php-cgi Query String Parameter Code Execution 10 - - - - - 9 - 9 - 2 6 - - - - - - - - - - -
- Command Injection Over HTTP - 6 9 - - - - - - - - - - - - - - - - - - - -
- Linux System Files Information Disclosure - 7 - - - - - - - - - - - - - - 2 - - - - - -
- Muieblackcat PHP Scanner - 10 - - 9 - - - - - - - - - - - - - - - - - -
- OpenSSL TLS DTLS Heartbeat Information Disclosure - - 6 5 3 5 2 1 2 2 3 2 5 6 2 2 5 2 2 2 3 1 3
- w00tw00t security scanner - - - 9 10 - - - - - - - - - - - - - - - - - -
- WordPress xmlrpc Weak Password Access Attempt - - - - - 7 - - - - - - - - - - - - - - - - -
- ZTE F460/F660 Backdoor Unauthorized Access - - - - - 10 - - - - - - - - - - - - - - - - -
- Apache Struts2 Content-Type Remote Code Execution (CVE-2017-5638) - - - - - - 6 - 6 - - - 6 - 5 10 - - - 8 6 3 -
- OpenSSL Padding Oracle Information Disclosure (CVE-2016-2107) - - - - - - - 8 8 9 10 - - - 10 9 - - - - - - -
- HP Universal CMDB Default Credentials Arbitrary File Upload (CVE-2014-2617) - - - - - - - 10 - - - - - - - - - - - - - - -
- Draytek Vigor Command Injection (CVE-2020-8515) - - - - - - - - 5 - - - - - - - - - - - - - -
- D-Link DSL-2750B Remote Command Execution - - - - - - - - 10 8 7 - 10 5 - - 10 10 9 9 8 - -
- Joomla Object Injection Remote Command Execution - - - - - - - - - 10 - - - 10 8 7 9 6 5 3 4 - -
- Huawei HG532 Router Remote Code Execution - - - - - - - - - - 6 - - - - - - - - - - - -
- Web Server Enforcement Violation - - - - - - - - - - - 10 - - - - - - - - - - -
- Hikvision IP Cameras Information Disclosure - - - - - - - - - - - - - - - - - 9 - - - - -
- OpenDreamBox WebAdmin Plugin Remote Code Execution - - - - - - - - - - - - - - - - - - 8 - - - -
- Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269) - - - - - - - - - - - - - - - - - - - 10 5 2 1


【News】

◆Attacks using the Phorpiex botnet surge again - June malware ranking (Mynavi News, 2020/07/14 10:28)
https://news.biglobe.ne.jp/it/0714/mnn_200714_2411409590.html
https://malware-log.hatenablog.com/entry/2020/07/14/000000_2

◆Trojan "Emotet" takes first place - October malware ranking (Mynavi News, 2019/11/14 07:17)
https://news.mynavi.jp/article/20191114-923038/

◆Cryptocurrency miner XMRig in first place, July malware ranking (Mynavi News, 2019/08/11 10:38)
https://news.mynavi.jp/article/20190811-874793/
https://malware-log.hatenablog.com/entry/2019/08/11/000000

◆Large-scale botnet quietly upgrades, June malware ranking (Mynavi News, 2019/07/11 10:55)
https://news.mynavi.jp/article/20190711-857435/
https://malware-log.hatenablog.com/entry/2019/07/11/000000_1

◆Spotlight on a Trojan targeting tax filing - April malware ranking (Mynavi News, 2019/05/15)
https://news.mynavi.jp/article/20190515-823710/
https://malware-log.hatenablog.com/entry/2019/05/15/000000_9

◆Cryptocurrency-mining "Coinhive" falls to 6th place - March malware ranking (Mynavi News, 2019/04/12 10:10)
https://news.mynavi.jp/article/20190412-807242/
http://malware-log.hatenablog.com/entry/2019/04/12/000000_12

◆February malware ranking - Coinhive in first place again this month (Mynavi News, 2019/03/14 13:16)
https://news.mynavi.jp/article/20190314-788138/

◆January malware ranking: new malware targeting Linux servers observed (Mynavi News, 2019/02/15 07:15)
https://news.mynavi.jp/article/20190215-771452/
http://malware-log.hatenablog.com/entry/2019/02/15/000000

◆Cryptocurrency mining monopolizes the top spots - December malware ranking (Mynavi News, 2019/01/15 13:45)
https://news.mynavi.jp/article/20190115-756719/
http://malware-log.hatenablog.com/entry/2019/01/15/000000_5

◆Trojans become active again - August malware ranking (Mynavi News, 2018/09/13 11:15)
https://news.mynavi.jp/article/20180913-692140/
http://malware-log.hatenablog.com/entry/2018/09/13/000000

◆Attacks targeting IoT increase, July malware ranking (Mynavi News, 2018/08/17 10:20)
https://news.mynavi.jp/article/20180817-679298/
http://malware-log.hatenablog.com/entry/2018/08/17/000000

◆Banking Trojans increase - June malware ranking (Mynavi News, 2018/07/06 12:47)
https://news.mynavi.jp/article/20180706-660076/
http://malware-log.hatenablog.com/entry/2018/07/06/000000_6

【Blogs】

◆January 2021’s Most Wanted Malware: Emotet Continues Reign as Top Malware Threat Despite Takedown (Check Point, 2020/02/11)
https://blog.checkpoint.com/2021/02/11/january-2021s-most-wanted-malware-emotet-continues-reign-as-top-malware-threat-despite-takedown/
https://malware-log.hatenablog.com/entry/2021/02/11/000000_6

◆December 2020’s Most Wanted Malware: Emotet Returns as Top Malware Threat (Check Point, 2021/01/07)
https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
https://malware-log.hatenablog.com/entry/2021/01/07/000000_3

◆November 2020’s Most Wanted Malware: Notorious Phorpiex Botnet Returns As Most Impactful Infection (Check Point, 2020/12/09)
https://blog.checkpoint.com/2020/12/09/november-2020s-most-wanted-malware-notorious-phorpiex-botnet-returns-as-most-impactful-infection/
https://malware-log.hatenablog.com/entry/2020/12/09/000000_2

◆October 2020’s Most Wanted Malware: Trickbot and Emotet Trojans Are Driving Spike in Ransomware Attacks (Check Point, 2020/11/06)
https://blog.checkpoint.com/2020/11/06/october-2020s-most-wanted-malware-trickbot-and-emotet-trojans-are-driving-spike-in-ransomware-attacks/
https://malware-log.hatenablog.com/entry/2020/11/06/000000_12

◆September 2020’s Most Wanted Malware: New Info-stealing Valak Variant Enters Top 10 Malware List For First Time (Check Point, 2020/10/07)
https://blog.checkpoint.com/2020/10/07/september-2020s-most-wanted-malware-new-info-stealing-valak-variant-enters-top-10-malware-list-for-first-time/
https://malware-log.hatenablog.com/entry/2020/10/07/000000_1

◆August 2020’s Most Wanted Malware: Evolved Qbot Trojan Ranks On Top Malware List For First Time (Check Point, 2020/09/09)
https://blog.checkpoint.com/2020/09/09/august-2020s-most-wanted-malware-evolved-qbot-trojan-ranks-on-top-malware-list-for-first-time/
https://malware-log.hatenablog.com/entry/2020/09/09/000000_6

◆July’s Most Wanted Malware: Emotet Strikes Again After Five-Month Absence (Check Point, 2020/08/07)
https://blog.checkpoint.com/2020/08/07/julys-most-wanted-malware-emotet-strikes-again-after-five-month-absence/
https://malware-log.hatenablog.com/entry/2020/08/07/000000_8

◆June’s Most Wanted Malware: Notorious Phorpiex Botnet Rises Again, Doubling Its Global Impact On Organizations (Check Point, 2020/07/10)
https://blog.checkpoint.com/2020/07/10/junes-most-wanted-malware-notorious-phorpiex-botnet-rises-again-doubling-its-global-impact-on-organizations/
https://malware-log.hatenablog.com/entry/2020/07/10/000000_5

◆January 2020’s Most Wanted Malware: Coronavirus-themed spam spreads malicious Emotet malware (Check Point, 2020/02/13)
https://blog.checkpoint.com/2020/02/13/january-2020s-most-wanted-malware-coronavirus-themed-spam-spreads-malicious-emotet-malware/
https://malware-log.hatenablog.com/entry/2020/02/13/000000

◆December 2019’s Most Wanted Malware: Greta Thunberg-themed Spam Used to Spread Emotet Malware (Check Point, 2020/01/13)
https://blog.checkpoint.com/2020/01/13/december-2019s-most-wanted-malware-greta-thunberg-themed-spam-used-to-spread-emotet-malware/
https://malware-log.hatenablog.com/entry/2020/01/13/000000

◆November 2019’s Most Wanted Malware: Researchers Warn of Fast-growing Mobile Threat While Emotet’s Impact Declines (Check Point, 2019/12/11)
https://blog.checkpoint.com/2019/12/11/november-2019s-most-wanted-malware-researchers-warn-of-fast-growing-mobile-threat-while-emotets-impact-declines/
https://malware-log.hatenablog.com/entry/2019/12/11/000000_4

◆October 2019’s Most Wanted Malware: the Decline of Cryptominers Continues, as Emotet Botnet Expands Rapidly (Check Point, 2019/11/12)
https://blog.checkpoint.com/2019/11/12/october-2019s-most-wanted-malware-the-decline-of-cryptominers-continues-as-emotet-botnet-expands-rapidly/
https://malware-log.hatenablog.com/entry/2019/11/12/000000_8

◆September 2019’s Most Wanted Malware: Emotet Botnet Starts Spreading Spam Campaigns Again After Three-Month Silence (Check Point, 2019/10/10)
https://blog.checkpoint.com/2019/10/10/september-2019s-most-wanted-malware-emotet-botnet-starts-spreading-spam-campaigns-again-after-three-month-silence/
https://malware-log.hatenablog.com/entry/2019/11/12/000000_8

◆August 2019’s Most Wanted Malware: Echobot Launches Widespread Attack Against IoT Devices (Check Point, 2019/09/12)
https://blog.checkpoint.com/2019/09/12/august-2019s-most-wanted-malware-echobot-launches-widespread-attack-against-iot-devices/
https://malware-log.hatenablog.com/entry/2019/09/12/000000_3

◆July 2019’s Most Wanted Malware: Vulnerability in OpenDreamBox 2.0.0 WebAdmin Plugin Enables Attackers to Execute Commands Remotely (Check Point, 2019/08/08)
https://blog.checkpoint.com/2019/08/08/july-2019s-most-wanted-malware-vulnerability-in-opendreambox-2-0-0-webadmin-plugin-enables-attackers-to-execute-commands-remotely/
https://malware-log.hatenablog.com/entry/2019/08/08/000000_8

◆November 2018’s Most Wanted Malware: The Rise of the Thanksgiving Day Botnet (Check Point, 2018/12/11)
https://blog.checkpoint.com/2018/12/11/november-2018s-most-wanted-malware-the-rise-of-the-thanksgiving-day-botnet/
http://malware-log.hatenablog.com/entry/2018/12/11/000000_4

◆October 2018’s Most Wanted Malware: For The First Time, Remote Access Trojan Reaches Top 10 Threats (Check Point, 2018/11/13)
https://blog.checkpoint.com/2018/11/13/october-2018s-most-wanted-malware-for-the-first-time-remote-access-trojan-reaches-top-threats-cryptomining/
http://malware-log.hatenablog.com/entry/2018/11/13/000000_11

◆September 2018’s Most Wanted Malware: Cryptomining Attacks Against Apple Devices On The Rise (Check Point, 2018/10/15)
https://blog.checkpoint.com/2018/10/15/september-2018s-most-wanted-malware-cryptomining-attacks-against-apple-devices-on-the-rise/
http://malware-log.hatenablog.com/entry/2018/10/15/000000_9

◆August’s Most Wanted Malware: Banking Trojan Attacks Turn up the Heat (Check Point, 2018/09/11)
https://blog.checkpoint.com/2018/09/11/augusts-most-wanted-malware-banking-trojan-attacks-turn-up-the-heat/
http://malware-log.hatenablog.com/entry/2018/09/11/000000_11

◆June’s Most Wanted Malware: Banking Trojans Up 50% Among Threat Actors (Check Point, 2018/07/05)
https://blog.checkpoint.com/2018/07/05/junes-most-wanted-malware-banking-trojans-crypto-mining/
http://malware-log.hatenablog.com/entry/2018/07/05/000000_7

◆May’s Most Wanted Malware: Cryptomining Malware Digs into Nearly 40% of Organizations Globally (Check Point, 2018/06/07)
https://blog.checkpoint.com/2018/06/07/mays-wanted-malware/
http://malware-log.hatenablog.com/entry/2018/06/07/000000_8

◆April 2019’s Most Wanted Malware: Cybercriminals up to Old ‘TrickBots’ Again (Check Point, 2019/05/14)
https://blog.checkpoint.com/2019/05/14/april-2019s-most-wanted-malware-cybercriminals-up-to-old-trickbots-crypto-cryptomining-security-ryuk/
https://malware-log.hatenablog.com/entry/2019/05/14/000000_5

◆May 2019’s Most Wanted Malware: Patch Now to Avoid the BlueKeep Blues (Check Point, 2019/06/13)
https://blog.checkpoint.com/2019/06/13/may-2019-most-wanted-malware-bluekeep-microsoft-rdp-cryptocurrency-malware/
https://malware-log.hatenablog.com/entry/2019/06/13/000000_8


【Related summary articles】

Overall summary

◆Materials and reports (Summary)
https://malware-log.hatenablog.com/entry/Report


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020