QBot, a sophisticated Trojan that steals banking credentials and keystrokes, emerged as the most widespread malware in December, affecting 20 percent of organizations in Nigeria.

The latest Global Threat Index report noted that Qbot overtook Emotet as the most prevalent malware after it returned last month, affecting 7 percent of organizations worldwide.

Qbot, also known as Qakbot, is a banking Trojan that first appeared in 2008. It was designed to steal a user’s banking credentials and keystrokes. Often distributed via spam email, Qbot employs various anti-VM, anti-debugging, and anti-sandbox techniques to make analysis more difficult and evade detection.

Also read: Osinbajo urges the Odu’a group to invest in technology

“The overwhelming theme of our latest research is how malware often masquerades as legitimate software to give hackers backdoor access to devices without raising suspicion. That is why it is important to exercise due diligence when downloading any software and applications or clicking on links, regardless of how genuine they appear,” the report authors noted.

Check Point’s Global Threat Impact Index and its ThreatCloud Map are powered by Check Point’s ThreatCloud intelligence. ThreatCloud provides real-time threat intelligence derived from hundreds of millions of sensors around the world, across networks, endpoints, and mobile devices. Intelligence is enriched by AI-based engines and proprietary investigative data from Check Point Research, the intelligence and research arm of Check Point Software Technologies.

The research found that “Web Server Exposed Git Repository Information Disclosure” was the most common exploited vulnerability, affecting 46 percent of organizations globally, followed by “Malicious URL Directory Traversal Web Servers” with 44 percent. percent of affected organizations worldwide. Command Injection Over HTTP is the third most used vulnerability, with a global impact of 43 percent.