According to M86 Security firm, ASPROX is can execute SQL injections, and increased its presence on application service provider (ASP) sites from 5,000 to 11,000 in one night (FireEye, Inc. , 2015). Retailers need to remind their employees not to open emails from unknown senders or download any software without IT approval. ASPROX’s previous use was limited to spam emails, however it eventually progressed to SQL injection attacks and website takeovers. In 2015, a number of reports questioned whether ASPROX was still an active threat. • 19% PALEVO: A worm that is distributed by detachable drives, network shares, P2P, and chat programs. Compromised computers connect over UDP port 53 (FireEye, Inc. , 2015). PALEVO worms date back to 2009, however it only received recognition February 2010, after a few of the hackers responsible for the Mariposa botnet were arrested. The victims of the Mariposa botnet were corporate businesses from all over the world. PALEVO malware can download data, steal usernames and passwords, account numbers, and confidential business information. PALEVO can also launch DDoS attacks. There are a number of ways that that PALEVO can make its way onto a victim’s computer. It can be spread through P2P applications, mobile devices, and messenger applications. PALEVO malware can normally be found in folders with file settings set to Hidden, Read-Only, and System, (Abendan, 2011). PALEVO malware can link to specific websites and transmit commands from C&C servers that are controlled by the hacker. These commands can range from downloading files, steal web browser passwords specifically for Internet Explorer and Mozilla Firefox, port scanning, and execute UDP or TCP flooding. Once a computer has been compromised, it then becomes susceptible to future threats. It is imperative that the victim change their credentials as soon as possible after they are breached. Remote users will turn target computers into zombies without the authorized user’s knowledge (Abendan, 2011). PALEVO can result in more network traffic, and once a system is breached hackers can access usernames and passwords. Hackers can also spread the attack to other associated computer systems. Some variations of PALEVO are also able to launch DDoS attacks on multiple systems simultaneously. This can prevent authorized users from continuing regular business operations (Abendan, 2011). • 18% KOREDOS is a trojan that is capable of encrypting user files, causes damage to the master boot record (MBR), and forcing compromised systems to engage in distributed denial of service attacks (DDoS), (FireEye, Inc. , 2015). KOREDOS attacks normally involve a C server that transmits commands to the target computers. The commands are found within the threat. Due to the number of components in the attack, it is considered to be one of the more sophisticated cyber threats. The .dll file is responsible for damaging the MBR on the target computer. At this time, KOREDOS attacks have waned down and the any sites that were previously affect by the trojan can now be accessed without problems (Imano, 2011). However, computers have not been scanned and cleared for KOREDOS can find themselves experiencing an attack long after the first infection. KOREDOS changes files so that the characters reflect only zeros, and if the files size is larger than or equal to 10,485,760 bytes, KOREDOS will erase the files. If the file does not meet this criteria, KOREDOS will generate a file does not meet the criteria a .cab file using the original file name, and replace the original file. Files that are erased may be restorable, however those files that have been overwritten with zeros are ineligible for restoration (Imano, 2011). KOREDOS also damage the MBR and infected computers can survive the breach for only 10 days if they are not sterilized.• 14% ZEUS is a trojan that is also known as Zbot that was essentially created to steal financial credentials (FireEye, Inc. , 2015). Zeus is usually spread through spam emails and corrupt download links. Victims may receive emails that claim to be from financial or social media entities. These messages inform the victim that their credentials have been compromised. The messages will also provide a corrupt link that will infect the victim’s computer and steal information. Hackers can design Zeus to steal any type of information from the victim’s computer including online usernames and passwords by modifying configuration files that are compiled into the Trojan installer (Pilici, 2017). These files can also be updated at a later time in order to capture additional information if the hacker chooses to do so. Hackers can obtain private information through several approaches. In one approach, Zeus will automatically collect the passwords from Internet Explorer, FTP, POP3 that are enclosed within Protected Storage (PStore), (Pilici, 2017). Although Zeus’ most successful approach for collecting information remains to be observing websites found within the configuration file. Zeus will interrupt authentic website operations, and add unauthorized fields in order to collect private information from customers. Zeus can also communicate with a C&C server and cut off power to, or reboot target computers, erase system files, and cause the computers to become nonfunctional(Pilici, 2017).