Top Malware Families Found in January 2016 Show DDoS on the Rise

Distributed denial of service (DDoS) attacks are common threats that companies of all sizes continuously face. The size of DDoS attacks targeting businesses has been getting bigger every year, and judging from the number of cyberattacks that occurred in January, it’s critical that organizations protect themselves against such attacks.


Back in December 2015, we saw the number of active malware families increase by 25%. Now, Check Point’s ThreatCloud World Cyber Threat Map has identified more than 1,500 different malware families during January, continuing the growing trend we saw at the end of last year.


According to Check Point research, Conficker and Sality were the two most commonly used malware families. This is no surprise, as Conficker and Sality have been trading places at the top of the malware list during the last few months. However, the third spot was taken by a new entry: Dorkbot, a malware associated with DDoS attacks and exploits targeting sensitive data, was responsible for 5% of attacks during the month.


The top three malware families, which accounted for 39% of the total attacks in January, were:

  1. ↔ Conficker – Accounted for 24% of all recognized attacks. Machines infected by Conficker are controlled by a botnet. It also disables security services, leaving computers even more vulnerable to other infections.
  2. ↑ Sality – Virus that allows its operator to perform remote operations and download additional malware to infected systems. Its objective is to persist in a system and provide a means for remote control and for installing further malware.
  3. ↑ Dorkbot – IRC-based worm designed to allow remote code execution by its operator, as well as the download of additional malware to the infected system, with the primary motivation being to steal sensitive information and launch denial-of-service attacks.


The surge of Dorkbot shows that hackers are increasingly using DDoS to bring down businesses, proving how popular and effective the attack method has become.


Check Point’s research also revealed that mobile attacks against Android devices were significantly more common than those against iOS. The top three mobile malware families were AndroRAT, Xinyin, and Leech.


DDoS attacks have always been a huge concern, but most businesses make the common mistake of relying on traditional solutions and waiting until they have been the target of a DDoS attack before implementing the proper protections. As the scale and length of cyberattacks continue to grow, it’s important that organizations think proactively and deploy security solutions to help defend their business from the latest threats.