Check Point® Software Technologies Ltd., a pioneering AI-powered, cloud-delivered cyber security platform provider, has published its Global Threat Index for July 2024. Despite a significant drop in June, LockBit re-emerged last month to become the second most prevalent ransomware group, while RansomHub retained the top spot. Meanwhile, researchers identified both a campaign distributing Remcos malware following a CrowdStrike update issue, and a series of new FakeUpdates tactics, which once again ranked first on the top malware list for July.
An issue in the CrowdStrike Falcon sensor for Windows led to cybercriminals distributing a malicious ZIP file named crowdstrike-hotfix.zip. This file contained HijackLoader, which subsequently activated Remcos malware, which was ranked as the seventh most wanted malware in July. The campaign targeted businesses using Spanish-language instructions and involved the creation of fake domains for phishing attacks.
