As the information security industry tries to assess threat levels of ever-increasing numbers of malicious strains, the famed Conficker worm maintains its rank as the most common malware family, according to Check Point's May 2016 Threat Index.
The Conficker worm spreads laterally across networks and is not immediately perceived as a serious threat, noted Check Point threat intelligence group manager Maya Horowitz. “It flies under the radar,” she wrote, in an email to SCMagazine.com. In November, Conficker generated renewed fears when researchers discovered police department body cameras were pre-installed with the worm.
Although the worm has been causing havoc for more than eight years, Horowitz warned companies to not to become complacent about the perils of Conficker infection. Once a network is infected by the Conficker worm, it is vulnerable to ongoing malware attacks and theft of financial credentials, password credentials, and intellectual property. The United States and India have the highest rate of Conficker infection.
Horowitz suggested companies establish multi-layered security that includes anti-bot technologies to block Conficker's communication with a command and control (C&C) server, and set up CPU-level sandboxing, AV protection, and threat extraction solutions.
Fourteen percent of cyber incidents are now traceable to the malicious worm, the Check Point study said. Other malware strains that are growing more common are the Tinba banking Trojan (also known as Tiny Tinba, Tiny Banker, Tinbapore, and Zusy), JBossjmx, and the Android malware Hummingbad.