A whopping 1,200 different malware families attacked UK businesses in November with the notorious Kelihos trojan top of the charts, according to new data from Check Point.
In second place in the UK and third globally was the Necurs family of malware which the vendor claimed grew 30 times compared with October.
Necurs is backdoor malware used by cyber-criminals to download additional nasties onto infected machines and disable security tools in order to evade detection.
It’s often used with Bedep, a trojan which grew in use by 250 times from October, according to Check Point.
The rise of both could be linked to a high profile malvertising campaign involving the notorious Angler exploit kit.
Third on the UK’s list of most prolific malware last month was that old favorite Conficker, which still accounted for 20% of recognized attacks globally.
In fact, along with Necurs and Cutwail, Conficker accounts for 40% of global attacks. According to Check Point this indicates that cyber-criminals are still mainly focused on taking remote control of infected machines to turn them into bots for sending out spam, DDoS attacks and the like.
Overall it was fairly good news for the UK, as the country was placed a lowly 116th on the “most attacked” list, dropping a huge distance from 23rd in October.
In context, it was attacked more often than the US (117th) and Ireland (124th) but less frequently than Canada (110th), Germany (99th), and France (52nd).
However, mobile malware is continuing to grow. Check Point found a 17% increase during November, with the top three families click fraud trojan Xinyin, followed by Ztorg and AndroRAT.
It must be added that most of the mobile malware activity globally is driven by China. Users who stick to the official Google Play store will by and large be insulated from such threats.
“Organizations face a daily battle to ensure that their networks are not compromised by cyber-criminals and it is vital that they know what they are up against,” said head of threat prevention, Nathan Shuchami.
“The data for November highlights the fact the attackers are focusing their efforts on malware that can disable security services and infect machines stealthily, so they can be more easily exploited.”