This list contains the top 10 malware and ransomware families detected by Netskope targeting users in the Canada region in the last 12 months:
Backdoor.ChinaChopper is a WebShell malware that infects Web servers to provide access back into an enterprise network that does not rely on an infected system calling back to a remote command and control server.
Infostealer.AgentTesla is a .NET-based remote access Trojan with many capabilities, such as stealing browser passwords, capturing keystrokes, and stealing the clipboard.
Phishing.PhishingX is a malicious PDF file used in a phishing campaign to redirect victims to a phishing page.
RAT.Remcos is a remote access trojan that provides an extensive list of features for controlling devices remotely.
RAT.NetWiredRC (a.k.a. NetWire RC) is a malware associated with APT33, aimed to provide remote access and steal sensitive information, like passwords.
RAT.NjRAT (a.k.a. Bladabindi) is a remote access Trojan with many capabilities, including logging keystrokes, stealing credentials from browsers, accessing the victim’s camera, and managing files.
Trojan.FormBook (a.k.a. XLoader) is a malware that provides full control over infected machines, offering many functionalities such as stealing passwords and executing additional malware.
Trojan.ModernLoader (a.k.a. Avatar Bot) is malware that can collect basic system information and deliver multiple malware types, such as cryptominers and RATs, to the infected system.
Trojan.Ursnif (a.k.a. Gozi) is a banking Trojan and backdoor, whose source code was leaked on GitHub in 2005, allowing attackers to create and distribute many variants.
Trojan.Valyria (a.k.a. POWERSTATS) is a family of malicious Microsoft Office documents that contain embedded malicious VBScripts, usually to deliver other malicious payloads.