NGTEdu

New Valak Variant Makes “Most Wanted Malware” List for First Time

5 years ago David Bisson

An updated variant of the Valak malware family earned a place on a security firm’s “most wanted malware” list for the first time.

Check Point revealed that an updated version of Valak ranked as the ninth most prevalent malware in its Global Threat Index for September 2020.

First detected back in 2019, Valak garnered the attention of Cybereason in May 2020 for its ability to function beyond a malware loader and independently operate as an information stealer.

That was just a month before SentinelOne observed Valak using “clientgrabber,” a plugin which enabled the malware to steal email credentials from the registry. The security firm also noted that it had seen some connections between the Gozi ConfCrew and Valak.

At the beginning of July 2020, Cisco Talos revealed that it had witnessed Valak using stolen email threads and password-protected .ZIP archives to target organizations in the financial, manufacturing, health care and insurance sectors.

September 2020 marked the third successive month of Emotet’s run at the top of Check Point’s Global Threat Index. Meanwhile, the Qbot trojan rose from 10th place to 6th place that same month.

Check Point urged organizations to actively respond to these developments by safeguarding their information. As quoted in a blog post:

These new campaigns spreading Valak are another example of how threat actors look to maximize their investments in established, proven forms of malware. Together with the updated versions of Qbot which emerged in August, Valak is intended to enable data and credentials theft at scale from organizations and individuals. Businesses should look at deploying anti-malware solutions that can prevent such content reaching end-users, and advise their employees to be cautious when opening emails, even when they appear to be from a trusted source.

Towards those ends, organizations can use Tripwire File Analyzer to evaluate suspicious files in quarantined environments and receive detailed reports about relevant system changes. They can also use these tips to educate their employees about the dangers of phishing attacks.

The post “New Valak Variant Makes ‘Most Wanted Malware’ List for First Time” appeared first on TripWire.

Source: TripWire – David Bisson

Copyright © 2020 All rights reserved | NGTEdu.com