Our Top 10 Email Malware of All Time

By Sebastian Antonescu
12 June, 2018

Email is infamous as a common means for spreading malware, with spam and phishing messages used to trick users into installing malicious software on their computers. These emails leverage a number of different techniques to get their payload delivered onto computers, including malicious links, macros, embedded scripts, or just the malware itself cloaked in a zip archive.

In this article, we will review some of the most dangerous pieces of malware that ever existed and were spread via email. These malicious applications have been hugely damaging for their victims, and some continue to pose a real threat. Here is our top ten “most wanted” malware of all time—spread via email. 

10. TrickBot (2016) 

This is a banking Trojan that mainly uses macro-based malware hidden in .doc and .xls files. Very similar to the Dyre Trojan, it was set up to target digital banking platforms used by US banks, before spreading further afield to the UK, Australia, New Zealand, Canada, and Germany. Currently, it only affects Windows computers and does not harm Mac, iPhone, iPad, Blackberry, Windows phone, or Android phone.

9. Emotet (2014)

This Trojan has also been seen in the banking world, targeting sensitive information, such as bank account details. It usually appears as a malicious spam email related to an invoice or payment notification with a direct download link to malware. Early this year, an Emotet attack cost the city of Allentown, PA, around $1 million. It is important to know these emails are often very difficult to block, unless the link follow option is enabled.

8. Hancitor (2014)

Also known as Chanitor, this is, to some extent, similar to the Emotet Trojan described above. It sends out malware links via a Word document attachment. Most of the malicious web servers are located in the USA, while the majority of compromised domains are based in Asia.

7. Loki-Bot (2015)

This is a login credentials information stealer, which sends sensitive data from the infected computer. Unlike other Trojans, it is difficult to identify specific patterns in the spam emails distributing the Loki-Bot Trojan. However, more often than not, invoice attachments or .zip files with .exe or other executable files inside can be seen in the emails.

6. Duqu (2011)

Seen as the successor of Stuxnet back in 2011 when it first surfaced, Duqu has been leveraging a zero-day vulnerability in the Microsoft Windows TrueType Fonts and spreading via Word documents. In its second variant, it used spear-phishing, targeting Asia-Pacific businesses and their employees, and leveraged up to three zero-day vulnerabilities. It also deleted mailboxes and browser histories to cover its tracks.

5. Cridex (2012)

This Trojan, discovered in early 2012, is another strain of financial malware that steals banking credentials and sensitive information from infected machines. There have been reports of spam campaigns sent by the Cutwail botnet that bundled the Cridex malware back in early 2013. The email would include a link that redirected users to a compromised legitimate website, which would then route the victim to the Blackhole Exploit Kit, which would deliver the final payload of Cridex.

4. Upatre (2013)

Shortly after the fall of the Blackhole Exploit Kit, Upatre surfaced, spreading via malicious email attachments or links inserted into emails that sent victims to a website hosting the malicious payload. Upatre also bundled several malware payloads, such as ZeuS, Crilock, Dyreza, and Rovnix, which severely damaged the security of infected computers.

3. Dyre (2014)

Dyre is a banking malware that made headlines after stealing more than $1 million in a single campaign and bypassing two-factor authentication security measures by persuading victims to contact the hackers and send the required information. Dyre is known for infecting its victims via spam emails; it lies in wait for the victim to log in to a bank website and steals his/her credentials. After infecting a computer, the malware converts it into a slave that sends out spam with the malicious attachment. 

2. CryptoLocker (2013)

CryptoLocker is some of the most prolific ransomware ever created by cybercriminals; it encrypts all files on infected computers and demands a ransom in Bitcoins (BTC) for the decryption keys. It used to infect computers via attachments sent in spam campaigns or by leveraging the Gameover ZeuS botnet.

1. Dridex Trojan (2014)

Dridex is a well-known banking Trojan that leverages malicious macros in Microsoft Office documents and steals banking credentials and other financial details of victims. Dridex is an update of Cridex, which was built on top of the ZeuS botnet. It began spreading in late 2014, generating almost 15,000 emails per day during the first spam campaign. Recently, the Dridex Trojan started to refocus its attacks on high-value banking targets from the UK, leveraging malicious macros in Office documents disguised as invoices during its phishing campaigns.

To help keep your network and computers protected, you need a multilayered security approach. Deploying a professional email security solution that filters all incoming as well as outgoing messaging is of great importance; however, this is only one part of your security strategy. A robust endpoint security solution is just as critical to help ensure you directly secure end-user devices. This is the optimal strategy to help you keep malware out.
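The attachment patterns named in the list above (macro-carrying Office documents, .zip archives with an executable inside) are the kind of thing an inbound mail filter checks for. The Python below is an added example, not part of the original article or of any SolarWinds product; the extension lists, the finding labels and the constructed sample message are assumptions.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

EXECUTABLE_EXT = (".exe", ".scr", ".js", ".vbs", ".bat")  # assumed list; tune to local policy
LEGACY_OFFICE_EXT = (".doc", ".xls")  # formats the article names for macro delivery

def inspect_zip(data):
    """Findings for a zip container: executables inside, or an OOXML macro project."""
    try:
        names = zipfile.ZipFile(io.BytesIO(data)).namelist()
    except zipfile.BadZipFile:
        return ["unreadable-archive"]
    findings = ["office-macro" for n in names if n.lower().endswith("vbaproject.bin")]
    findings += ["executable-in-archive:" + n for n in names if n.lower().endswith(EXECUTABLE_EXT)]
    return findings

def triage(raw_message):
    """Return {attachment filename: [findings]} for one raw RFC 5322 message."""
    report = {}
    for part in message_from_bytes(raw_message).walk():
        filename = part.get_filename()
        if not filename:
            continue  # multipart containers and the body text carry no filename
        payload = part.get_payload(decode=True) or b""
        findings = []
        if filename.lower().endswith(EXECUTABLE_EXT):
            findings.append("executable-attachment")
        if filename.lower().endswith(LEGACY_OFFICE_EXT):
            findings.append("legacy-office-format")
        if payload[:4] == b"PK\x03\x04":  # zip signature, also .docx/.docm/.xlsm
            findings += inspect_zip(payload)
        if findings:
            report[filename] = findings
    return report

def build_sample():
    """Constructed message: a zip with a fake .exe, a macro-bearing .docm, a clean zip."""
    msg = EmailMessage()
    msg.set_content("See attached.")
    members = {"invoice.zip": "Invoice.pdf.exe", "order.docm": "word/vbaProject.bin",
               "notes.zip": "readme.txt"}
    for filename, member in members.items():
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(member, b"placeholder bytes")
        msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename=filename)
    return msg.as_bytes()
```

Calling `triage(build_sample())` flags `invoice.zip` and `order.docm` and leaves `notes.zip` out of the report. Legacy .doc/.xls files are flagged by extension only, since checking them for macros needs an OLE parser that the standard library does not provide.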

Do you have something to add to our list? 

Additional reading:

  • Evasive Malware: The Enemy You Can’t See
  • How to Keep on Top of the Malware Threat
  • Tales of the Unexpected: Mitigating the Left Field Security Risk
  • Beware: Mac Malware Is on the Rise

 

To find out how SolarWinds® Mail Assure™ can help you protect your systems, click here.

 

Sebastian Antonescu is the Technical Support Team Manager for the Mail Assure and SpamExperts brands.

 

 © 2018 SolarWinds MSP UK Ltd. All rights reserved.

 
The SolarWinds and SolarWinds MSP trademarks, service marks, and logos are the exclusive property of SolarWinds MSP UK Ltd. or its affiliates. All other trademarks are the property of their respective owners.

 
