May’s most prolific malware threats were previously unseen

Published on: 7 Jul 2017

More than a quarter of organisations worldwide were impacted by the WannaCry ransomware or the Fireball malware in May, according to Check Point Software Technologies’ monthly report.

May’s three most prolific malware families were previously unseen attacks, with Fireball affecting a fifth of organisations worldwide. It is a browser hijacker that can be turned into a full-functioning malware downloader to execute any code on victim machines, resulting in the theft of credentials or the installation of additional malware.

RoughTed was May’s second biggest malware, impacting 16 per cent. This large-scale malvertising is used to redirect users to various malicious websites and to deliver payloads such as scams, adware, exploit kits and ransomware.

It can be used to attack any type of platform and operating system, and utilises ad-blocker bypassing and fingerprinting in order to make sure it delivers the most relevant attack.

Third-placed WannaCry affected nearly eight per cent of organisations globally, most notably, the NHS with wide-scale disruption throughout the UK public healthcare service.

A Check Point spokesperson said: “To see so many brand-new malware families among the world’s most prevalent cyberattacks in May underlines just how innovative cybercriminals can be, and shows how dangerous it is for organisations to become complacent.”