Check Point Research: Formbook is the Most Popular Malware

Formbook has been the most widely used malware worldwide since this month. Research by Check Point Research shows that approximately 4.5 percent of all organizations have already been victims of such an attack. With this, Formbook knocks the ‘popular’ Trickbot off the throne.


Formbook first saw the light of day in 2016 and has seen a steady rise in popularity ever since. It is a so-called Infostealer, a Trojan horse designed to steal information from an IT system. Infostealers are often used to obtain login details such as usernames and passwords. With Formbook, the hacker can control the malware remotely and have data stolen at fixed times. Due to this versatility, Formbook is now enjoying growing popularity among hackers, causing significant damage to end-users.

The Formbook code is written in the C programming language and is so cryptic and hidden (through so-called obfuscation techniques) that it is a challenge for researchers to decipher it. Furthermore, the malicious software is unknowingly installed on the smartphone, tablet, or laptop because the code appears familiar.

Like much malware, Formbook is efficiently distributed via phishing e-mails, known suspicious senders and e-mail addresses. The Infostealer also has a variant aimed explicitly at Apple computers with the macOS operating system, the so-called XLoader.

Second in Check Point Research’s Top Malware list is Trickbot, a modular Trojan that is continuously updated by the hacker community (4.2 percent worldwide). Finally, the top three is rounded out by Agent Tesla, a keylogger that records keyboard activity (2.79 percent).

“As always, we encourage users to think twice before opening a link,” said Zahier Madhar, Security Engineer at Check Point Software. “You can also protect yourself against zero-day attacks by using the right technological tools. However, you should also not assume that it will never happen to you. A frequent scan for malware works best for this.”
