Check Point’s Global Threat Index Shows Malware Attacks are on the Rise
November 23 2016 - 3:37AM
Check Point® Software Technologies Ltd. (NASDAQ:CHKP) today
revealed the number of malware attacks increased in October, as the
company released its monthly Global Threat Index, a ranking of the
most prevalent malware families attacking organizations’ networks.
Check Point’s Threat Intelligence Research Team found that both
the number of active malware families and number of attacks
increased by 5% during the period, pushing the number of attacks on
business networks to near peak levels, as seen earlier this year.
Locky ransomware attacks continued to rise, moving it up from third
to second place, while the Zeus banking trojan moved up two spots,
returning it to the top three. The reason for Locky’s continued
growth is the constant variation and expansion of its distribution
mechanism, which is primarily through spam emails. Its creators
are continually changing the type of files used for downloading the
ransomware, including .doc, .xls and .wsf files, as well as making
significant structural changes to the spam emails. The actual
ransomware itself is nothing exceptional, but cyber criminals are
investing a lot of time into maximizing the number of machines that
become infected by it. For the seventh consecutive month,
HummingBad, an Android malware that establishes a persistent
rootkit to carry out an array of malicious purposes, remained the
most common malware used to attack mobile devices.
Once again Conficker retained its first place position as the
world’s most prevalent malware, responsible for 17% of recognized
attacks. Both second-placed Locky, which only started its
distribution in February of this year, and third-placed Zeus, were
responsible for 5% of known attacks.
- ↔ Conficker – Worm that allows remote
operations and malware download. The infected machine is controlled
by a botnet, which contacts its Command & Control server to
receive instructions.
- ↑ Locky – Ransomware, which started its
distribution in February 2016, and spreads mainly through spam
emails containing a downloader disguised as a Word or Zip file
attachment, which then downloads and installs the malware that
encrypts the user files.
- ↑ Zeus – Trojan that targets Windows
platforms and is often used to steal banking information by
man-in-the-browser keystroke logging and form grabbing.
Mobile malware families continued to pose a significant threat
to businesses, with 15 of the top 200 malware families targeting
mobile devices. The three most common mobile families were:
- ↔ HummingBad – Android malware that
establishes a persistent rootkit on the device, installs fraudulent
applications and enables additional malicious activity such as
installing a key-logger, stealing credentials and bypassing
encrypted email containers used by enterprises.
- ↔ Triada – Modular Backdoor for Android, which
grants super-user privileges to downloaded malware, and helps it to
get embedded into system processes. Triada has also been seen
spoofing URLs loaded in the browser.
- ↑ XcodeGhost – A compromised version of the
iOS developer platform, Xcode. This unofficial version of Xcode was
altered so that it injects malicious code into any app that was
developed and compiled using it. The injected code sends app
information to a Command & Control server, allowing the
infected app to read the device clipboard.
Nathan Shuchami, Head of Threat Prevention at Check Point,
explained, “With the number of attacks and malware families
increasing, the scale of the challenge organizations face in
ensuring their networks remain secure is tremendous. The fact the
top ten malware remained virtually the same as September suggests
that cyber criminals have enjoyed a considerable amount of success
with these attack methods, signaling to organizations that they
need to proactively respond to protect their critical business
assets. It is particularly concerning that a malware family as
established and well known as Conficker is so effective, suggesting
that organizations aren’t using the latest, multi-layered
defenses.”
“To protect themselves, organizations must take a comprehensive
approach and have advanced threat prevention measures on networks,
endpoints and mobile devices to stop malware at the pre-infection
stage, such as Check Point’s SandBlast™ Zero-Day Protection and
Mobile Threat Prevention solutions, to ensure that they are
adequately safeguarded from the latest threats,” added
Shuchami.
Check Point’s threat index is based on threat intelligence drawn
from its ThreatCloud World Cyber Threat Map, which tracks how and
where cyberattacks are taking place worldwide in real time. The
Threat Map is powered by Check Point’s ThreatCloud™ intelligence,
the largest collaborative network to fight cybercrime, which
delivers threat data and attack trends from a global network of
threat sensors. The ThreatCloud database holds over 250 million
addresses analyzed for bot discovery, over 11 million malware
signatures and over 5.5 million infected websites, and identifies
millions of malware types daily.
Check Point’s Threat Prevention Resources are available
at: http://www.checkpoint.com/threat-prevention-resources/index.html
Follow Check Point via:
- Twitter: http://www.twitter.com/checkpointsw
- Facebook: https://www.facebook.com/checkpointsoftware
- Blog: http://blog.checkpoint.com
- YouTube: http://www.youtube.com/user/CPGlobal
- LinkedIn: https://www.linkedin.com/company/check-point-software-technologies
INVESTOR CONTACT:
Kip E. Meintzer
Check Point Software Technologies
+1.650.628.2040
ir@checkpoint.com
MEDIA CONTACT:
Emilie Beneitez Lefebvre
Check Point Software Technologies
Tel: +44 (0) 7785 381 302
press@checkpoint.com