Dridex, a Trojan that targets Windows users, was the most prevalent malware in April 2021, according to the "Global Threat Index" from cybersecurity company Check Point Software Technologies.
Cybercriminals have been using Dridex to spread malware via a QuickBooks Malspam Campaign, Check Point noted. They are leveraging phishing emails that feature QuickBooks's branding to lure users with fake payment notifications and invoices.
During these Dridex attacks, cybercriminals are sharing email content that asks users to download a malicious Microsoft Excel attachment, Check Point noted. When users download the attachment, Dridex can infect their system.
Agent Tesla Ranks Second Among Most Prevalent Malware in April 2021
The Agent Tesla remote access Trojan (RAT) ranked second among the most prevalent malware in Check Point's April 2021 Global Threat Index. Agent Tesla is a keylogger and information stealer capable of monitoring and collecting a victim's keyboard inputs, taking screenshots and exfiltrating software credentials.
Furthermore, the Trickbot modular botnet and banking Trojan ranked third in terms of the most prevalent malware in Check Point's April 2021 Global Threat Index. Trickbot is a customizable malware that can be distributed during multi-purpose campaigns.
Top Exploited Vulnerabilities, Mobile Malware in April 2021
Along with the most prevalent malware, Check Point cited "Web Server Exposed Git Repository Information Disclosure" as the most common exploited vulnerability in its April 2021 Global Threat Index. "HTTP Headers Remote Code Execution (CVE-2020-13756)" ranked second among the most common exploited vulnerabilities, followed by "MVPower DVR Remote Code Execution."
Meanwhile, the xHelper malicious application was the most common mobile malware identified in April 2021, according to Check Point's April 2021 Global Threat Index. It was followed by Triada and Hiddad, both of which can be used to launch Android malware attacks.