
Conficker Remains Top Malware by Number of Attacks

As one of the oldest active threats, Conficker continues to lead the malware landscape by number of registered attacks, accounting for 14 percent of recognized incidents, Check Point researchers say.

Seven years after it emerged, the Conficker worm is the most prominent malware family, trailed by Tinba and Sality, each with 9 percent of recognized attacks, the security researchers reveal. Although it has rarely made headlines over the past half year, Conficker was seen in a noteworthy infection in the fall of last year, when researchers found it shipping inside police body cameras.

According to Check Point, the number of active global malware families increased 15 percent in May, and the security firm detected a total of 2,300 unique and active malware families targeting business networks. In April, the researchers observed an increase of 50 percent in the number of unique malware families.

“The continued rise in the number of active malware variants highlights the wide range of threats and scale of challenges security teams face in preventing an attack on their business critical information,” Check Point says.

The top ten malware families worldwide in May included Conficker, Tinba (also known as Tiny Banker or Zusy), Sality, JBossjmx, Hummingbad, Zeroaccess, Zeus, Angler EK, Virut, and Cutwail. The security researchers explain that these ten malware families were responsible for 60 percent of all recognized attacks worldwide during May.

According to Check Point’s Threat Index for May, the Tinba banking Trojan increased its presence on the threat landscape during the month, while Sality, a Windows virus that allows remote operations and downloads of additional malware, registered a lower infection rate. Among the threats that soared last month, we can also mention Zeus, a banking Trojan that uses man-in-the-browser keystroke logging and form grabbing to steal user credentials.

Trending down in the new Threat Index, albeit unsurprisingly, was the Angler exploit kit, which completely vanished from the landscape two weeks ago. Responsible for over 60 percent of the EK traffic only a few months ago, Angler left a great void that other exploit kits have not yet been able to fill: overall EK activity went down 96 percent compared to April’s levels.

What’s also noteworthy is that the top 10 most wanted malware families are banking Trojans, botnets, worms, and exploit kits, with no ransomware family making an appearance on the list. For the past several months, ransomware has been terrorizing organizations and individuals alike, but no malware family in this category has managed to soar to top levels as of now, it seems.
