An updated variant of the Valak malware family earned a place on a security firm’s “most wanted malware” list for the first time.
Check Point revealed that an updated version of Valak ranked as the ninth most prevalent malware in its Global Threat Index for September 2020.
First detected back in 2019, Valak garnered the attention of Cybereason in May 2020 for its ability to function beyond a malware loader and independently operate as an information stealer.
That was just a month before SentinelOne observed Valak using “clientgrabber,” a plugin which enabled the malware to steal email credentials from the registry. The security firm also noted that it had seen some connections between the Gozi ConfCrew and Valak.
At the beginning of July 2020, Cisco Talos revealed that it had witnessed Valak using stolen email threads and password-protected .ZIP archives to target organizations in the financial, manufacturing, health care and insurance sectors.