Emotet back on top as nastiest malware

By Dylan Bushell-Embling
Tuesday, 11 October, 2022

Emotet has regained its place as the nastiest malware threat following its takedown early last year, according to OpenText Security Solutions’ latest Nastiest Malware report.

The 2022 edition of the report found that Emotet remains the most successful botnet in existence, sending malspam campaigns to billions of emails daily.

But LockBit remains the most prolific and successful ransomware group, having this year added a third layer of extortion to its tactics of holding data to ransom and then threatening to leak it. The third layer involves a DDoS attack on an entire system to completely lock it down, OpenText said.

Other notable malware threats include Qbot, possibly the oldest info-stealing trojan which is still being updated today, as well as Valyria, a banking trojan turned malspam botnet with an exceptional ability to evade detection.

Ransomware-as-a-service malware Conti had been on the Nastiest Malware list, but following the group releasing a statement in support of the Russian government in February, the group’s internal chats were leaked on Twitter resulting in the disbanding of its leak site and command and control servers.

OpenText said the Conti group has since split up and rebranded into multiple operations including HelloKitty, BlackCat and BlackByte.

Meanwhile, Cobalt Strike and Brute Rate, two attack simulation tools designed for white hats, are now being frequently used by attackers, OpenText said.

Image credit: iStock.com/LumerB