Check Point has revealed that Hummingbad has been overtaken as the leading mobile malware for the first time since February 2016, and replaced at the top of the “most wanted mobile malware” Triada.
According to the new January Global Threat Impact Index from its Threat Intelligence Research Team, Triada is a modular backdoor for Android which grants super-user privileges to downloaded malware, as helps it to get embedded into system processes.
In total, mobile malware accounted for nine percent of all recognised attacks while the Index ranked Kelihos, a botnet used in bitcoin theft, as the most prevalent malware family overall, with five percent of organisations globally is impacted by it.
Overall the top three malware families revealed that hackers were using a wide range of attack vectors and tactics to target businesses. These threats impact all steps of the infection chain, including spam emails which are spread by botnets, and contain downloaders that place ransomware or a Trojan on the victim's machine.
Globally, Kelihos was the most active malware family affecting five percent of organisations globally, followed by HackerDefender and Cryptowall in second and third place respectively, with both impacting 4.5 percent of companies.
The UK was also the 53rd most attacked country globally, higher than the US (100th), Germany (65th) and France (61st).
Nathan Shuchami, head of threat prevention at CheckPoint commented, “The wide range of threats seen during January, utilising all the available tactics in the infection chain, demonstrates the size of the task IT teams face in securing their networks against attack.”
Shuchami added: “To defend themselves, organisations need to apply advanced threat prevention measures on their networks, endpoints and mobile devices to stop malware at the pre-infection stage, to ensure that they are secured against both known and unknown threats.”
From January 2017, CheckPoint has revised how it indexes the top malware: it now shows the percentage of organisations worldwide affected by each malware family, to provide a ranking of the most prevalent malware families attacking networks, instead of being based on the number of detections found. This gives a more accurate overview of the actual impact of threats on organisations during the month.