Content, Channel partners

Check Point Software Technologies: Qbot Top Malware in March 2023

Bank building icon form lines, triangles and particle style design. Illustration vector

The Qbot banking Trojan ranked first among the most prevalent malware and impacted more than 10% of organizations worldwide in March 2023, according to the Check Point Software Technologies Global Threat Index.

Qbot Can Steal Banking Info

Cybercriminals use Qbot to steal a user's banking credentials or keystrokes. The malware utilizes several techniques to evade detection by commonly used cybersecurity tools.

Meanwhile, the Emotet self-propagating Trojan was second on Check Point's list of the most prevalent malware and impacted 4% of organizations in March 2023, Check Point noted.

Cybercriminals started using Emotet in 2023 to send spam emails containing a malicious Microsoft OneNote file. Since that time, Microsoft has been blocking macros from Office files, and cybercriminals have been exploring alternative ways to distribute malicious files, Check Point noted.

Top Mobile Malware Families, Industries Prone to Cyberattacks

Other notable results from Check Point's Global Threat Index include:

  • The Apache Log4j Remote Code Execution was the most exploited vulnerability in March 2023, Check Point indicated in its Global Threat Index and impacted 44% of organizations.
  • The AhMyth remote access Trojan was the most prevalent mobile malware family, followed by the Anubis banking Trojan and Hiddad Android malware.
  • The education/research sector was the most targeted industry for cyberattacks, followed by the government/military and healthcare segments.

Organizations use security tools to combat cybercriminals, but it is nearly impossible to stop all attacks from bypassing various security measures, Check Point vice president of Research Maya Horowitz said.

However, organizations that implement security measures and teach their employees about cyber risks are well equipped to protect against current and emerging threats.

Furthermore, MSSPs can teach organizations about cyber risks and offer tips and recommendations to address these issues. They can also provide these organizations with managed security services that they can use to optimize their security posture.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.