October 2, 2023

The Qbot Trojan overtook Emotet as the most prevalent malware found in the wild in December 2022, impacting 7% of organizations worldwide. Additionally, the Glupteba malware, a blockchain-enabled Trojan botnet, returned to the top 10 list for the first time since July 2022.

Another piece of malware growing in adoption in December 2022 was the ad-distributing Android threat known as Hiddad, which entered the top-three mobile malware list for the first time in 2022, just before the end of the year.

In terms of industry, education/research remained the most attacked sector globally last month, followed by government/military and healthcare.


As for the most exploited vulnerabilities in December 2022, a web server flaw that exposed GitHub repository information was at the top of the list, followed by various vulnerabilities that leveraged a directory traversal flaw on different web servers.

The findings come from Check Point Software Technologies, which published its Global Threat Index for December 2022

Malware List

  • Qbot
  • Emotet
  • XMRig
  • Formbook
  • Nanocore
  • Ramnit
  • Remcos
  • Glupteba
  • AgentTesla
  • Phorpiex

Mobile malwares

  • Anubis
  • Hiddad
  • AlienBot

Most Exploited Vulnerabilities

  • Web Server Exposed Git Repository Information Disclosure
  • Web Servers Malicious URL Directory Traversal –
  • Command Injection Over HTTP
  • HTTP Headers Remote Code Execution
  • MVPower DVR Remote Code Execution
  • Dasan GPON Router Authentication Bypass
  • PHP Easter Egg Information Disclosure
  • Microsoft Windows HTTP.sys Remote Code Execution
  • WordPress portable-phpMyAdmin Plugin Authentication Bypass
  • PHPUnit Command Injection

Leave a Reply

%d bloggers like this: