The second most popular is a piece of malware called Jsecoin, which is a JavaScript-based miner that can be embedded into websites and runs in a target's browser. Then there's Cryptoloot, which is a Coinhive competitor and works in much the same way.
Although cryptojacking software dominates the top-ten list, they're not the only types of malware on it, and this year's list features two venerable contenders: Emotet and Ramnit, both of which are banking Trojans that have been in circulation for a long time.
While all of these threats are bad, the one that's getting a lot of attention from security professionals is a relative newcomer to the rankings called Smoke Loader. Interestingly, Smoke Loader isn't dangerous by itself, but then again, that's not its real goal. It's a gateway malware. A Trojan whose express purpose is to infiltrate a system and then download additional malware.
The specifics are entirely open-ended. If a hacker using Smoke Loader to infiltrate a system wants to follow that attack up with a cryptojacker, he can do that. If he'd prefer to launch a ransomware attack, he can do that too. The sky is basically the limit.
In any case, the Check Point top-ten list is well worth a closer look, if for no other reason than to be sure your IT staff is up on all the latest threats.