Level 1
Check Point Software Technologies Ltd. has revealed that Hummingbad has been overtaken as the leading mobile malware for the first time since February 2016, according to the new January Global Threat Impact Index from our Threat Intelligence Research Team.

Hummingbad was replaced at the top of the ?Most Wanted' Mobile Malware by Triada, a modular backdoor for Android which grants super-user privileges to downloaded malware, to help it to get embedded into system processes.  In total, mobile malware accounted for 9% of all recognized attacks while the Index ranked Kelihos, a botnet used in bitcoin theft, as the most prevalent malware family overall, with 5% of organizations globally impacted by it.

Overall the top 3 malware families revealed that hackers were using a wide range of attack vectors and tactics to target businesses. These threats impact all steps of the infection chain, including spam emails which are spread by botnets, and contain downloaders that eventually place ransomware or a Trojan on the victims machine.

Globally, Kelihos was the most active malware family, affecting 5% of organizations globally, followed by HackerDefender and Cryptowall in second and third place, respectively, with both impacting 4.5% of companies.

January 2017s Top 3 Most Wanted Malware:
  1. Kelihos - Botnet mainly involved in bitcoin theft and spamming. It utilizes peer-to-peer communications, enabling each individual node to act as a Command & Control server.
  2. HackerDefender - User-mode rootkit for Windows, can be used to hide files, processes and registry keys, and also implements a backdoor and port redirector that operates through TCP ports opened by existing services. This means it is not possible to find the hidden backdoor through traditional means.
  3. Cryptowall - Ransomware that started as a Cryptolocker doppelgnger, but eventually surpassed it. After the takedown of Cryptolocker, Cryptowall became one of the most prominent ransomwares to date. Cryptowall is known for its use of AES encryption and for conducting its C&C communications over the Tor anonymous network. It is widely distributed via exploit kits, malvertising and phishing campaigns.
Top 3 Most Wanted Mobile Malware:
  1. Triada - Modular backdoor for Android which grants super-user privileges to downloaded malware, to help it to get embedded into system processes. Triada has also been seen spoofing URLs loaded in the browser.
  2. Hummingbad - Android malware that establishes a persistent rootkit on the device, installs fraudulent applications, and with slight modifications could enable additional malicious activity such as installing a key-logger, stealing credentials and bypassing encrypted email containers used by enterprises.
  3. Hiddad Android malware which repackages legitimate apps and then releases them to a third-party store. Its main function is displaying ads, however it is also able to gain access to key security details built into the OS, allowing an attacker to obtain sensitive user data.
From January 2017, Check Point has revised how it indexes the top malware, it now shows the percentage of organizations worldwide affected by each malware family, to provide a ranking of the most prevalent malware families attacking networks, instead of a ranking based on the number of detections found. This gives a more accurate overview of the actual impact of threats on organizations during the month.

for more click on link above
Last edited by a moderator: