India (Commonwealth)_India has witnessed a concerning surge in malware attacks during the first half of 2023, with a notable increase in monthly attacks, as reported by cybersecurity firm Checkpoint. The research conducted on the top malware for the month of June revealed that healthcare, education and research, utilities, insurance, and government sectors were the most targeted industries in the country.
Among the identified malware, Qbot, a banking Trojan, emerged as the most prevalent threat during the first half of the year. In June alone, this malware affected 12.29% of organizations in India, surpassing the global average of 7%. Qbot, which originated as a banking Trojan back in 2008, has evolved over time and acquired additional functionalities to pilfer passwords, emails, and credit card information. It commonly spreads through spam emails and acts as a loader for other malware, serving as a stepping stone for ransomware groups.
Another noteworthy malware is XMRig, an open-source CPU mining software utilized for mining the Monero cryptocurrency. In India, 7.32% of organizations fell victim to this malware, compared to the global average of 2.43%. Threat actors often exploit this open-source software by incorporating it into their own malware to carry out illicit mining on victims’ devices.
Additionally, a newly detected mobile Trojan called SpinOk gained prominence by making its way to the top of the malware list. This trojanized software development kit (SDK) garnered attention due to its exploitation of a zero-day vulnerability in file-sharing software known as MOVEit. Researchers found that SpinOk has been downloaded a staggering 421 million times so far. This malicious software has infiltrated various popular apps and games, some of which were even available on the Google Play Store.
The rising trend of malware attacks in India, particularly in sectors like healthcare, education and research, utilities, insurance, and government, calls for increased vigilance and cybersecurity measures. It is crucial for organizations and individuals to remain cautious, employ robust security solutions, and stay informed about the latest threats to protect themselves from potential cyberattacks.
