Six percent of organizations around the world were compromised with the FakeUpdates malware, also known as SocGholish, making it the most prevalent malicious payload in April, Hackread reports.
Attacks involving bogus browser update lures have been launched by Russian threat operation Evil Corp to spread FakeUpdates, which facilitates the execution of additional malicious software, an analysis from Check Point Research showed. Following FakeUpdates in last month's dominant payloads were the Remcos and Agent Tesla remote access trojans, as well as the AndroxGh0st malware, which has gained traction among nefarious actors. Both FakeUpdates and Phorpiex were leading in Latin American and European countries, while Agent Tesla and Remcos were most popular in Asia. Moreover, education remained the most malware-targeted industry for the third month running, amid the emergence of the new SatanLock ransomware operation, which was already the second most prevalent group last month behind Akira and ahead of Qilin, noted the report.