As one of the oldest active threats, Conficker continues to lead the malware landscape by number of registered attacks, accounting for 14 percent of recognized incidents, Check Point researchers say.
Seven years after it emerged, the Confiker worm is the most prominent malware family, trailed by Tinba and Sality, each with 9 percent of recognized attacks, the security researchers reveal. Although it rarely made it to the headlines the past half a year, Confiker was seen in a noteworthy infection during fall last year, when researchers found it shipping inside police body cameras.
According to Check Point, the number of active global malware families increased 15 percent in May, and the security firm detected a total of 2,300 unique and active malware families targeting business networks. In April, the researchers observed an increase of 50 percent in the number of unique malware families.
“The continued rise in the number of active malware variants highlights the wide range of threats and scale of challenges security teams face in preventing an attack on their business critical information,” Check Point says.
The top ten malware families worldwide in May included Conficker, Tinba (also known as Tiny Banker or Zusy), Sality, JBossjmx, Hummingbad, Zeroaccess, Zeus, Angler EK, Virut, and Cutwail. The security researchers explain that these ten malware families were responsible for 60 percent of all recognized attacks worldwide during May.
According to Check Point’s Threat Index for May, the Tinba banking Trojan has increased its presence on the threat landscape in May, while Sality, a Windows virus that allows remote operations and downloads of additional malware, has registered a lower infection rate. Among the threats that soared last month, we can also mention Zeus, a banking Trojan that uses man-in-the-browser keystroke logging and form grabbing to steal user credentials.
Trending down in the new Threat Index, albeit unsurprisingly, was the Angler exploit kit, which has completely vanished from the landscape two weeks ago. Responsible for over 60 percent of the EK traffic only a few months ago, Angler left a great void that other exploit kits weren’t able to fill as of yet: the overall EK activity went down 96% compared to April’s levels.
What’s also noteworthy is that the top 10 most wanted malware families are banking Trojans, botnets, worms, and exploit kits, with no ransomware family making an appearance on the list. For the past several months, ransomware has been terrorizing organizations and individuals alike, but no malware family in this category has managed to soar to top levels as of now, it seems.

More from SecurityWeek News
- Threat Hunting Summit Virtual Event NOW LIVE
- Video: ESG – CISO’s Guide to an Emerging Risk Cornerstone
- Threat Modeling Firm IriusRisk Raises $29 Million
- SentinelOne Announces $100 Million Venture Fund
- Today: 2022 CISO Forum Virtual Event
- Cymulate Closes $70M Series D Funding Round
- SecurityWeek to Host CISO Forum Virtually September 13-14, 2022: Registration is Open
- Privilege Escalation Flaw Haunts VMware Tools
Latest News
- Chrome 114 Released With 18 Security Fixes
- Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards
- Breaking Enterprise Silos and Improving Protection
- Spyware Found in Google Play Apps With Over 420 Million Downloads
- Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability
- Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery
- PyPI Enforcing 2FA for All Project Maintainers to Boost Security
- Personal Information of 9 Million Individuals Stolen in MCNA Ransomware Attack
