Conficker Remains Top Malware by Number of Attacks

As one of the oldest active threats, Conficker continues to lead the malware landscape by number of registered attacks, accounting for 14 percent of recognized incidents, Check Point researchers say.

Seven years after it emerged, the Conficker worm is the most prominent malware family, trailed by Tinba and Sality, each with 9 percent of recognized attacks, the security researchers reveal. Although it has rarely made headlines over the past half year, Conficker was seen in a noteworthy infection in the fall of last year, when researchers found it shipping inside police body cameras.

According to Check Point, the number of active global malware families increased 15 percent in May, and the security firm detected a total of 2,300 unique and active malware families targeting business networks. In April, the researchers observed an increase of 50 percent in the number of unique malware families.

“The continued rise in the number of active malware variants highlights the wide range of threats and scale of challenges security teams face in preventing an attack on their business critical information,” Check Point says.

The top ten malware families worldwide in May included Conficker, Tinba (also known as Tiny Banker or Zusy), Sality, JBossjmx, Hummingbad, Zeroaccess, Zeus, Angler EK, Virut, and Cutwail. The security researchers explain that these ten malware families were responsible for 60 percent of all recognized attacks worldwide during May.

According to Check Point’s Threat Index for May, the Tinba banking Trojan increased its presence on the threat landscape during the month, while Sality, a Windows virus that allows remote operations and downloads of additional malware, registered a lower infection rate. Zeus, a banking Trojan that uses man-in-the-browser keystroke logging and form grabbing to steal user credentials, was also among the threats that soared last month.

Trending down in the new Threat Index, albeit unsurprisingly, was the Angler exploit kit, which completely vanished from the landscape two weeks ago. Responsible for over 60 percent of the EK traffic only a few months ago, Angler left a great void that other exploit kits have not yet been able to fill: overall EK activity went down 96% compared to April’s levels.

What’s also noteworthy is that the top 10 most wanted malware families are banking Trojans, botnets, worms, and exploit kits, with no ransomware family making an appearance on the list. For the past several months, ransomware has been terrorizing organizations and individuals alike, but no malware family in this category has managed to soar to top levels as of now, it seems.
