Check Point Research has published its latest UAE Threat Index for January 2021. Researchers found that banking trojan Trickbot impacted 7% of organizations in the UAE, while the Emotet trojan which has remained in first place in the top malware list globally for a second month running impacting 6% of businesses in the UAE.
Trickbot is a modular Banking Trojan that targets the Windows platform and is mostly delivered via spam campaigns or other malware families such as Emotet. Once a machine is infected, the Trickbot gang, the threat actors behind this malware, utilize this wide array of modules not only to steal banking credentials from the target PC, but also for lateral movement and reconnaissance on the targeted organization itself, prior to delivering a company-wide targeted ransomware attack.
After an international police takedown on January 27, 2021, Emotet witnessed a 14% decrease in the number of organizations that were impacted by the botnet activity, and law enforcement agencies plan to mass-uninstall Emotet from infected hosts on April 25thFirst identified in 2014, Emotet has been regularly updated by its developers to maintain its effectiveness for malicious activity. Emotet maintained the top position in Check Point’s Global Threat Index, highlighting the vast global impact this botnet has had.
“We’re seeing an increase in ransomware and malware attacks in the UAE since the pandemic began last year. While Emotet continues to impact businesses, it is interesting to see how quickly Trickbot has evolved as top malware targeting organizations in the UAE,” said Ram Narayanan, Country Manager, Check Point Software Technologies – Middle East. “Considering UAE is currently ranked no 32 on the high-risk index, businesses must be extra vigilant and deploy efficient technologies to prevent these attacks in real-time to ensure these malwares don’t cause further serious damage by being the gateway to a ransomware attack. It is also important for businesses to continue providing comprehensive training for employees to identify malicious emails and avoid the spread of trojans and bots.”
Trickbot ranks as the most popular malware with a UAE-wide impact of 7%, closely followed by Emotet and Hiddad impacting of 6% of organizations each.
Hiddad is followed closely by xHelper, a malicious application seen in the wild since March 2019, and used for downloading other malicious apps and display advertisement, impacting 5% of users. The application is capable of hiding itself from the user, and reinstall itself in case it was uninstalled.
Remote access trojan, njRAT which targets mainly government agencies and organizations in the Middle East impacted 3% of UAE organizations.