Check Point’s Threat Intelligence Research Team found that both the number of active malware families and number of attacks increased by 5% during the period, pushing the number of attacks on business networks to near peak levels, as seen earlier this year. Locky ransomware attacks continued to rise, moving it up from third to second place, while the Zeus banking trojan moved up two spots, returning it to the top three. The reason for Locky’s continued growth is the constant variation and expansion of its distribution mechanism, which is primarily through spams emails. Its creators are continually changing the type of files used for downloading the ransomware, including doc, xls and wsf files, as well as making significant structural changes to the spam emails. The actual ransomware itself is nothing exceptional, but cyber criminals are investing a lot of time into maximizing the number of machines that become infected by it. For the seventh consecutive month, HummingBad, an android malware that establishes a persistent rootkit to carry out an array of malicious purposes, remained the most common malware used to attack mobile devices.