TT Malware Log

A "personal" investigation, research and reference log on malware / cyber attacks / analysis techniques

Check Point Malware Rankings (Summary)

【Charts】


Ranking trends over the past 12 months


【Rankings】

■Malware

2022 2021 2020 2019 2018
Rank
Malware name
Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May
1 Emotet 1 1 1 1 2 7 1 1 5 1 1 1 1 7 6 9 5 2 1 1 1 1 5 7 4 5 4 4 2 3 5 5 7 10
2 Formbook 2 2 3 3 3 9 2 1 4 3 3 6 8 4 6 3 4 5 3 5 9 4 7 7 8 5 8 4 9 4 9 9 9
3 Agent Tesla 3 2 4 4 4 2 7 4 3 8 5 4 2 4 4 2 3 1 2 3 6 6 4 4 9 8 3 5 6 10 7
4 XMRig 4 3 5 5 7 6 2 3 4 3 2 2 4 7 2 5 5 7 7 5 5 6 3 3 2 1 1 2 2 2 2 2 1 1 1 2 2 3 4 2 2 9 7 8 7 7 7 7
5 Glupteba 5 4 3 6 5 4 4 5 5 5 4 6 8 10 6 10 7 7 9 8 9 10 10
6 Lokibot 6 10 5 3
7 Ramnit 7 5 7 8 8 8 6 8 7 6 6 7 9 8 10 9 10 8 6 8 6 8 6 9 7 6 6 6 6 9 6 8 6 5 6 7 10 10 8 8 7 6 10 10
8 Phorpiex 8 7 9 9 10 9 10 8 8 10 5 2 1 2
9 Mirai 9 6 7 10
10 Remcos 10 8 7 6 5 3 6 6 9
- Tofsee 9 10 5 7 8 7
- Nanocore 10 10 7 9 5 8
- Trickbot 6 2 1 1 1 1 2 1 1 1 3 6 1 3 2 6 2 2 4 4 5 7 5 4 4 3 3 3 3 6 4 7 10 8 8
- Snake Keylogger 8 2
- Dridex 9 1 1 7 4 4 2 4 3 2 4 1 1 3
- Floxif 9 9 10 10
- Vidar 10 9 7 7
- Ursnif 8 9 5
- njRAT 10 10
- Qbot 9 7 9 5 5 3 8 6 10 6 6 10
- xHelper 9 9 8 10 10 8
- IcedID 10 2
- RigEK 9 9 8 8 10 8 10 10 10 7
- Hiddad 7 7 3 3
- Zloader 9 8
- Valak 9
- NetwiredRC 10
- Lokibot 10 8 5 8 5 7 10 10 6 10 9 8
- JSEcoin 4 2 3 4 1 2 2 2 3 3 5 5 4 3 6 6 5 5 5 6 4
- Hawkeye 9 7
- Dorkbot 5 5 8 3 3 4 7 5 4 6 7 7 5 3 2 2 3 3 8
- Cryptoloot 10 7 8 10 3 1 1 1 2 3 4 2 2 3 4 2 2 2
- Nivdort 9 8 7 6 6 10 10 8
- Sality 9
- Coinhive 6 1 1 1 1 1 1 1 1 1 1
- Gandcrab 8 9
- Authedmine 9 10
- Smokeloader 9
- Andromeda 3 5 4 3 4 4 5
- Roughted 4 4 6 8 6 5 3
- Conficker 8 9 9 9 8 10
- FlawedAmmyy RAT 10
- Fireball 6
- Necurs 9


■Vulnerabilities

2022 2021 2020
Rank
Vulnerability
Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May Apr Mar
Notes
1 Web Server Exposed Git Repository Information Disclosure 1 2 1 5 3 4 7 5 1 7 3 3 4 7 2 3 5 3 8 4 4 2 2 Git Repository
2 Apache Log4j Remote Code Execution 2 1 Apache Log4j, CVE-2021-44228
3 Apache Struts ParametersInterceptor ClassLoader Security Bypass 3
4 Web Servers Malicious URL Directory Traversal 4 Directory Traversal
5 HTTP Headers Remote Code Execution 5 3 2 2 2 1 3 4 6 5 6 CVE-2020-13756, etc.
6 Command Injection Over HTTP Payload 6 5 4 5 5 8 9 3 3 9 8 1 4 8 6 4 7
7 MVPower DVR Remote Code Execution 7 5 3 1 1 2 1 1 2 1 2 1 1 1 1 1 2 3 3 1 3 3
8 WordPress portablephpMyAdmin Plugin Authentication Bypass 8 9 8 10 6 10 7 7 8 9 8 7 6 7 5 7 6 10 CVE-2012-5469
9 Dasan GPON Router Authentication Bypass 9 8 4 3 4 3 2 2 3 4 4 4 4 5 4 4 7 9 CVE-2018-10561
10 PHP Easter Egg Information Disclosure 10 7
- DLINK Multiple Products Remote Code Execution 6 CVE-2015-2051
- Linux System Files Information Disclosure 9 7 2 CVE-2018-3948, CVE-2018-3948, CVE-2022-23119
- PHPUnit Command Injection 10 CVE-2017-9841
- SQL Injection (several techniques) 6 6 8 8 8 8 8 8 5 5 9 5 7 4 1 1 4 1 1 1 1
- Draytek Vigor Command Injection 7 7 9 7 4 6 4 CVE-2020-8515
- PHP DIESCAN information disclosure 8 9 10 9 7 6 8 3 3 9 6 4 8 7 6 5 7
- PHP phpcgi Query String Parameter Code Execution 10 10 9 9 2 6
- Command Injection Over HTTP 6 9
- Muieblackcat PHP Scanner 10 9
- OpenSSL TLS DTLS Heartbeat Information Disclosure 6 5 3 5 2 1 2 2 3 2 5 6 2 2 5 2 2 2 3 1 3
- w00tw00t security scanner 9 10
- WordPress xmlrpc Weak Password Access Attempt 7
- ZTE F460/F660 Backdoor Unauthorized Access 10
- Apache Struts2 ContentType Remote Code Execution 6 6 6 5 10 8 6 3 CVE-2017-5638
- OpenSSL Padding Oracle Information Disclosure 8 8 9 10 10 9 CVE-2016-2107
- HP Universal CMDB Default Credentials Arbitrary File Upload 10 CVE-2014-2617
- Draytek Vigor Command Injection 5 CVE-2020-8515
- DLink DSL2750B Remote Command Execution 10 8 7 10 5 10 10 9 9 8
- Joomla Object Injection Remote Command Execution 10 10 8 7 9 6 5 3 4
- Huawei HG532 Router Remote Code Execution 6
- Web Server Enforcement Violation 10
- Hikvision IP Cameras Information Disclosure 9
- OpenDreamBox WebAdmin Plugin Remote Code Execution 8
- Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269) 10 5 2 1


■Mobile malware

2022 2021 2020
Rank Malware name Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May Apr Mar Feb Jan Dec Nov Oct Sep Aug Jul Jun May Apr
Notes
1 AlienBot 1 1 2 MaaS for Android
2 FluBot 2 3 Android botnet
3 xHelper 3 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1
- Hiddad 1 1 1 1 1 3 3 2 3 2 3 3 3 2 3
- FurBall 3 3
- Triada 3 3 3 2 3 1
- Lotoor 3 3 3 2 3 3 2 1 1 1 1 1 2
- Necro 2 2 1 2
- PreAmo 3 1
- AndroidBauts 3 2 3 2 2 2
- Guerrilla 3 2 2 2 1
- Piom 3
- Xafekopy 3
- Ztorg 3


【News】

■2022

◆January malware rankings: Emotet returns to the top spot (Mynavi News, 2022/02/13 20:39)
https://news.mynavi.jp/techplus/article/20220213-2270186/
https://malware-log.hatenablog.com/entry/2022/02/13/000000


■2020

◆Attacks using the Phorpiex botnet surge again - June malware rankings (Mynavi News, 2020/07/14 10:28)
https://news.biglobe.ne.jp/it/0714/mnn_200714_2411409590.html
https://malware-log.hatenablog.com/entry/2020/07/14/000000_2


■2019

◆Trojan "Emotet" takes first place - October malware rankings (Mynavi News, 2019/11/14 07:17)
https://news.mynavi.jp/article/20191114-923038/

◆Cryptocurrency miner XMRig takes first place, July malware rankings (Mynavi News, 2019/08/11 10:38)
https://news.mynavi.jp/article/20190811-874793/
https://malware-log.hatenablog.com/entry/2019/08/11/000000

◆Large-scale botnet quietly upgrades, June malware rankings (Mynavi News, 2019/07/11 10:55)
https://news.mynavi.jp/article/20190711-857435/
https://malware-log.hatenablog.com/entry/2019/07/11/000000_1

◆Spotlight on a Trojan targeting tax returns - April malware rankings (Mynavi News, 2019/05/15)
https://news.mynavi.jp/article/20190515-823710/
https://malware-log.hatenablog.com/entry/2019/05/15/000000_9

◆Cryptocurrency miner "Coinhive" falls to 6th place - March malware rankings (Mynavi News, 2019/04/12 10:10)
https://news.mynavi.jp/article/20190412-807242/
http://malware-log.hatenablog.com/entry/2019/04/12/000000_12

◆February malware rankings - Coinhive takes first place again this month (Mynavi News, 2019/03/14 13:16)
https://news.mynavi.jp/article/20190314-788138/

◆January malware rankings: new malware targeting Linux servers observed (Mynavi News, 2019/02/15 07:15)
https://news.mynavi.jp/article/20190215-771452/
http://malware-log.hatenablog.com/entry/2019/02/15/000000

◆Cryptocurrency miners dominate the top ranks - December malware rankings (Mynavi News, 2019/01/15 13:45)
https://news.mynavi.jp/article/20190115-756719/
http://malware-log.hatenablog.com/entry/2019/01/15/000000_5

■2018

◆Trojans become active again - August malware rankings (Mynavi News, 2018/09/13 11:15)
https://news.mynavi.jp/article/20180913-692140/
http://malware-log.hatenablog.com/entry/2018/09/13/000000

◆Attacks targeting IoT increase, July malware rankings (Mynavi News, 2018/08/17 10:20)
https://news.mynavi.jp/article/20180817-679298/
http://malware-log.hatenablog.com/entry/2018/08/17/000000

◆Banking Trojans on the rise - June malware rankings (Mynavi News, 2018/07/06 12:47)
https://news.mynavi.jp/article/20180706-660076/
http://malware-log.hatenablog.com/entry/2018/07/06/000000_6

【Blogs】

■2022

◆March 2022’s Most Wanted Malware: Easter Phishing Scams Help Emotet Assert its Dominance
https://blog.checkpoint.com/2022/04/12/march-2022s-most-wanted-malware-easter-phishing-scams-help-emotet-assert-its-dominance/
https://malware-log.hatenablog.com/entry/2022/04/12/000000_10

◆December 2021’s Most Wanted Malware: Trickbot, Emotet and the Log4j plague (Check Point, 2022/01/12)
https://blog.checkpoint.com/2022/01/12/december-2021s-most-wanted-malware-trickbot-emotet-and-the-log4j-plague/
https://malware-log.hatenablog.com/entry/2022/01/12/000000_5


■2021

◆November 2021’s Most Wanted Malware: Emotet Returns to the Top 10 (Check Point, 2021/12/09)
https://blog.checkpoint.com/2021/12/09/november-2021s-most-wanted-malware-emotet-returns-to-the-top-10/
https://malware-log.hatenablog.com/entry/2021/12/09/000000_8

◆October 2021’s Most Wanted Malware: Trickbot Takes Top Spot for Fifth Time (Check Point, 2021/11/11)
https://blog.checkpoint.com/2021/11/11/october-2021s-most-wanted-malware-trickbot-takes-top-spot-for-fifth-time/
https://malware-log.hatenablog.com/entry/2021/11/11/000000_6

◆September 2021’s Most Wanted Malware: Trickbot Once Again Tops the List (Check Point, 2021/10/08)
https://blog.checkpoint.com/2021/10/08/september-2021s-most-wanted-malware-trickbot-once-again-tops-the-list/
https://malware-log.hatenablog.com/entry/2021/10/08/000000_13

◆August 2021’s Most Wanted Malware: Formbook Climbs into First Place (Check Point, 2021/09/10)
https://blog.checkpoint.com/2021/09/10/august-2021s-most-wanted-malware-formbook-climbs-into-first-place/
https://malware-log.hatenablog.com/entry/2021/09/10/000000_8

◆July 2021’s Most Wanted Malware: Snake Keylogger Enters Top 10 for First Time (Check Point, 2021/08/12)
https://blog.checkpoint.com/2021/08/12/july-2021s-most-wanted-malware-snake-keylogger-enters-top-10-for-first-time/
https://malware-log.hatenablog.com/entry/2021/08/12/000000_12

◆June 2021’s Most Wanted Malware: Trickbot Remains on Top (Check Point, 2021/07/13)
https://blog.checkpoint.com/2021/07/13/june-2021s-most-wanted-malware-trickbot-remains-on-top/
https://malware-log.hatenablog.com/entry/2021/07/13/000000_6

◆Check Point Software’s May 2021 Most Wanted Malware: Dridex Drops from List While Trickbot Rises to Top (Check Point, 2021/06/10)
https://blog.checkpoint.com/2021/06/10/check-point-softwares-may-2021-most-wanted-malware-dridex-drops-from-list-while-trickbot-rises-to-top/
https://malware-log.hatenablog.com/entry/2021/06/10/000000_14

◆April 2021’s Most Wanted Malware: Dridex Remains in Top Position Amidst Global Surge in Ransomware Attacks (Check Point, 2021/05/13)
https://blog.checkpoint.com/2021/05/13/april-2021s-most-wanted-malware-dridex-remains-in-top-position-amidst-global-surge-in-ransomware-attacks/
https://malware-log.hatenablog.com/entry/2021/05/13/000000_16

◆March 2021’s Most Wanted Malware: IcedID Banking Trojan Enters Top 10 Following Covid-Related Campaign (Check Point, 2021/04/13)
https://blog.checkpoint.com/2021/04/13/march-2021s-most-wanted-malware-icedid-banking-trojan-enters-top-10-following-covid-related-campaign/
https://malware-log.hatenablog.com/entry/2021/04/13/000000_8

◆February 2021’s Most Wanted Malware: Trickbot Takes Over Following Emotet Shutdown (Check Point, 2021/03/11)
https://blog.checkpoint.com/2021/03/11/february-2021s-most-wanted-malware-trickbot-takes-over-following-emotet-shutdown/
https://malware-log.hatenablog.com/entry/2021/03/11/000000_12

◆January 2021’s Most Wanted Malware: Emotet Continues Reign as Top Malware Threat Despite Takedown (Check Point, 2021/02/11)
https://blog.checkpoint.com/2021/02/11/january-2021s-most-wanted-malware-emotet-continues-reign-as-top-malware-threat-despite-takedown/
https://malware-log.hatenablog.com/entry/2021/02/11/000000_6

◆December 2020’s Most Wanted Malware: Emotet Returns as Top Malware Threat (Check Point, 2021/01/07)
https://blog.checkpoint.com/2021/01/07/december-2020s-most-wanted-malware-emotet-returns-as-top-malware-threat/
https://malware-log.hatenablog.com/entry/2021/01/07/000000_3


■2020

◆November 2020’s Most Wanted Malware: Notorious Phorpiex Botnet Returns As Most Impactful Infection (Check Point, 2020/12/09)
https://blog.checkpoint.com/2020/12/09/november-2020s-most-wanted-malware-notorious-phorpiex-botnet-returns-as-most-impactful-infection/
https://malware-log.hatenablog.com/entry/2020/12/09/000000_2

◆October 2020’s Most Wanted Malware: Trickbot and Emotet Trojans Are Driving Spike in Ransomware Attacks (Check Point, 2020/11/06)
https://blog.checkpoint.com/2020/11/06/october-2020s-most-wanted-malware-trickbot-and-emotet-trojans-are-driving-spike-in-ransomware-attacks/
https://malware-log.hatenablog.com/entry/2020/11/06/000000_12

◆September 2020’s Most Wanted Malware: New Info-stealing Valak Variant Enters Top 10 Malware List For First Time (Check Point, 2020/10/07)
https://blog.checkpoint.com/2020/10/07/september-2020s-most-wanted-malware-new-info-stealing-valak-variant-enters-top-10-malware-list-for-first-time/
https://malware-log.hatenablog.com/entry/2020/10/07/000000_1

◆August 2020’s Most Wanted Malware: Evolved Qbot Trojan Ranks On Top Malware List For First Time (Check Point, 2020/09/09)
https://blog.checkpoint.com/2020/09/09/august-2020s-most-wanted-malware-evolved-qbot-trojan-ranks-on-top-malware-list-for-first-time/
https://malware-log.hatenablog.com/entry/2020/09/09/000000_6

◆July’s Most Wanted Malware: Emotet Strikes Again After Five-Month Absence (Check Point, 2020/08/07)
https://blog.checkpoint.com/2020/08/07/julys-most-wanted-malware-emotet-strikes-again-after-five-month-absence/
https://malware-log.hatenablog.com/entry/2020/08/07/000000_8

◆June’s Most Wanted Malware: Notorious Phorpiex Botnet Rises Again, Doubling Its Global Impact On Organizations (Check Point, 2020/07/10)
https://blog.checkpoint.com/2020/07/10/junes-most-wanted-malware-notorious-phorpiex-botnet-rises-again-doubling-its-global-impact-on-organizations/
https://malware-log.hatenablog.com/entry/2020/07/10/000000_5

◆January 2020’s Most Wanted Malware: Coronavirus-themed spam spreads malicious Emotet malware (Check Point, 2020/02/13)
https://blog.checkpoint.com/2020/02/13/january-2020s-most-wanted-malware-coronavirus-themed-spam-spreads-malicious-emotet-malware/
https://malware-log.hatenablog.com/entry/2020/02/13/000000

◆December 2019’s Most Wanted Malware: Greta Thunberg-themed Spam Used to Spread Emotet Malware (Check Point, 2020/01/13)
https://blog.checkpoint.com/2020/01/13/december-2019s-most-wanted-malware-greta-thunberg-themed-spam-used-to-spread-emotet-malware/
https://malware-log.hatenablog.com/entry/2020/01/13/000000


■2019

◆November 2019’s Most Wanted Malware: Researchers Warn of Fast-growing Mobile Threat While Emotet’s Impact Declines (Check Point, 2019/12/11)
https://blog.checkpoint.com/2019/12/11/november-2019s-most-wanted-malware-researchers-warn-of-fast-growing-mobile-threat-while-emotets-impact-declines/
https://malware-log.hatenablog.com/entry/2019/12/11/000000_4

◆October 2019’s Most Wanted Malware: the Decline of Cryptominers Continues, as Emotet Botnet Expands Rapidly (Check Point, 2019/11/12)
https://blog.checkpoint.com/2019/11/12/october-2019s-most-wanted-malware-the-decline-of-cryptominers-continues-as-emotet-botnet-expands-rapidly/
https://malware-log.hatenablog.com/entry/2019/11/12/000000_8

◆September 2019’s Most Wanted Malware: Emotet Botnet Starts Spreading Spam Campaigns Again After Three-Month Silence (Check Point, 2019/10/10)
https://blog.checkpoint.com/2019/10/10/september-2019s-most-wanted-malware-emotet-botnet-starts-spreading-spam-campaigns-again-after-three-month-silence/
https://malware-log.hatenablog.com/entry/2019/11/12/000000_8

◆August 2019’s Most Wanted Malware: Echobot Launches Widespread Attack Against IoT Devices (Check Point, 2019/09/12)
https://blog.checkpoint.com/2019/09/12/august-2019s-most-wanted-malware-echobot-launches-widespread-attack-against-iot-devices/
https://malware-log.hatenablog.com/entry/2019/09/12/000000_3

◆July 2019’s Most Wanted Malware: Vulnerability in OpenDreamBox 2.0.0 WebAdmin Plugin Enables Attackers to Execute Commands Remotely (Check Point, 2019/08/08)
https://blog.checkpoint.com/2019/08/08/july-2019s-most-wanted-malware-vulnerability-in-opendreambox-2-0-0-webadmin-plugin-enables-attackers-to-execute-commands-remotely/
https://malware-log.hatenablog.com/entry/2019/08/08/000000_8

◆May 2019’s Most Wanted Malware: Patch Now to Avoid the BlueKeep Blues (Check Point, 2019/06/13)
https://blog.checkpoint.com/2019/06/13/may-2019-most-wanted-malware-bluekeep-microsoft-rdp-cryptocurrency-malware/
https://malware-log.hatenablog.com/entry/2019/06/13/000000_8

◆April 2019’s Most Wanted Malware: Cybercriminals up to Old ‘TrickBots’ Again (Check Point, 2019/05/14)
https://blog.checkpoint.com/2019/05/14/april-2019s-most-wanted-malware-cybercriminals-up-to-old-trickbots-crypto-cryptomining-security-ryuk/
https://malware-log.hatenablog.com/entry/2019/05/14/000000_5


■2018

◆November 2018’s Most Wanted Malware: The Rise of the Thanksgiving Day Botnet (Check Point, 2018/12/11)
https://blog.checkpoint.com/2018/12/11/november-2018s-most-wanted-malware-the-rise-of-the-thanksgiving-day-botnet/
http://malware-log.hatenablog.com/entry/2018/12/11/000000_4

◆October 2018’s Most Wanted Malware: For The First Time, Remote Access Trojan Reaches Top 10 Threats (Check Point, 2018/11/13)
https://blog.checkpoint.com/2018/11/13/october-2018s-most-wanted-malware-for-the-first-time-remote-access-trojan-reaches-top-threats-cryptomining/
http://malware-log.hatenablog.com/entry/2018/11/13/000000_11

◆September 2018’s Most Wanted Malware: Cryptomining Attacks Against Apple Devices On The Rise (Check Point, 2018/10/15)
https://blog.checkpoint.com/2018/10/15/september-2018s-most-wanted-malware-cryptomining-attacks-against-apple-devices-on-the-rise/
http://malware-log.hatenablog.com/entry/2018/10/15/000000_9

◆August’s Most Wanted Malware: Banking Trojan Attacks Turn up the Heat (Check Point, 2018/09/11)
https://blog.checkpoint.com/2018/09/11/augusts-most-wanted-malware-banking-trojan-attacks-turn-up-the-heat/
http://malware-log.hatenablog.com/entry/2018/09/11/000000_11

◆June’s Most Wanted Malware: Banking Trojans Up 50% Among Threat Actors (Check Point, 2018/07/05)
https://blog.checkpoint.com/2018/07/05/junes-most-wanted-malware-banking-trojans-crypto-mining/
http://malware-log.hatenablog.com/entry/2018/07/05/000000_7

◆May’s Most Wanted Malware: Cryptomining Malware Digs into Nearly 40% of Organizations Globally (Check Point, 2018/06/07)
https://blog.checkpoint.com/2018/06/07/mays-wanted-malware/
http://malware-log.hatenablog.com/entry/2018/06/07/000000_8

【Related summary articles】

Overall summary

◆Documents and reports (summary)
https://malware-log.hatenablog.com/entry/Report