Top 10 Malware May 2022

Malware is a constant threat and being aware of them is the first step to keeping them at bay. Here we have listed the top 10 malware to watch out for this upcoming month.

Gh0st and Jupiter have made their entry as the top 10 malware and something every user should be aware of. Gh0st is a RAT employed to access infected endpoints.

Another evasive malware, Jupiter is .NET malware used to target innocent users when they visit any website and download a file in the form of a PDF or zip. The malware activity for this month is predicted to rise by a considerable amount as compared to the previous month.

Here Are The Top 10 Malware That You Should Watch Out For In May 2022.

Given below the Top 10 Malware ranked in order of virulence.


Shlayer is a downloader and dropper malware targeting mainly MacOS. It is mainly propagated through malicious websites, compromised domains, and malvertising posing as Adobe Flash updater.

All Shlayer domains use the same keyword <>. Below are numerous instances of domains Shlayer utilities.</>

  • api[.]interfacecache[.]com
  • api[.]scalableunit[.]com
  • api[.]typicalconfig[.]com
  • api[.]standartanalog[.]com
  • api[.]fieldenumerator[.]com
  • api[.]practicalsprint[.]com
  • api[.]searchwebsvc[.]com
  • api[.]connectedtask[.]com
  • api[.]navigationbuffer[.]com
  • api[.]windowtask[.]com


ZeuS is a trojan that tracks the keys of a victim when they visit any banking website. By tracking the keystrokes, they get hold of the credentials of users and cause financial losses. Since its inception, various malwares are based on the ZeuS code and are used to perpetuate havoc.

Agent Tesla

Agent Tesla is a RAT that gets hold of personal information and screenshots from an infected system.


NanoCore is a RAT propagated through malspam. It spreads as an Excel XLS spreadsheet. Once it finds entry into the system, it installs and executes various files.


CoinMiner, as the name suggests is a crypto miner application based on Windows Management Instrumentation (WMI) and EternalBlue to infect any network. It also employs WMI Standard Event Consumer scripting to run numerous scripts.


Delf is a group of malware with many versions devised in the Delphi programming language. They may be downloaders. Campaigns, targets, infection vectors, and capabilities, depending upon its version. They are sent to gain backdoor access, steal data, hinder antivirus, and various other functions.


Gh0st is a RAT wielded to regulate infected endpoints. Gh0st is plunged by other malware to establish a backdoor into an appliance that authorizes an attacker to entirely monitor the infected device.


Jupyter aka SolarMarker, is a highly infectious malware aimed to target harmless users to access any website or download any file. Jupyter majorly preys browser data in browsers such as Chrome, Chromium, and Firefox and has complete backdoor access.


  • 37[.]120.233[.]92
  • 89[.]44.9[.]108
  • 92[.]204.160[.]101
  • 92[.]204.160[.]114
  • 146[.]70.101[.]97
  • 146[.]70.53[.]153
  • 146[.]70.40[.]236
  • 193[.]29.104[.]89


Arechclient2, also known as SectopRAT, is a .NET RAT aimed to conduct numerous functions. Their main role is to steal information including browser and wallet data. It is also instilled with anti-VM and anti-emulator functions.


Mirai is a malware botnet targeting Internet of Things (IoT) devices. This is done to conduct a DDoS attack and in the process gain complete control of the system.

Final Words

So here are the top 10 malware you should watch out for in the month of May. Along with being informed about them, it is advisable to have a good quality antivirus and antimalware installed in your system. One such great antivirus is Sysvoot. Install it now and stay protected from any lurking dangers.

Leave a Reply

Your email address will not be published.