May 23, 2019 at
Security specialists at Kaspersky Lab are warning the public of a rapidly expanding sector of malware: mobile banking trojans. Reports indicate a concerning number of attacks on over 300,000 different users in the first quarter of 2019. Over 30,000 modifications of this malware were used in the attacks.
This is similar to a report last year by Cisco, which warned of increasingly complex attacks over the botnet infrastructure by the Gozi banking Trojan. Attackers use malware not only to gain access to confidential information linked with user accounts but to leak funds. That’s right. These banking trojans allow attackers to steal your money.
According to the IT Threat Evaluation Report released by Kaspersky Lab, in the first quarter, the biggest threat was the newest version of Asacub malware, which accounts for nearly 60 percent of all attacks from banking trojans, targeted at over 8,000 users daily.
The concerning rise in mobile banking trojans is reflected in the reports by an increase from 1.85% of all mobile malware in the final quarter of 2018, to a substantial 3.24% in the first quarter of 2019. In addition, the number of mobile banking malware files increased from 18,501 to a staggering 29,841 between these two quarters.
So, how are these attackers able
to fool users into accessing bank accounts? The malware is created to resemble
any other mobile banking app. Believe me, they are true illusionists. Once
implemented, the user attempts to login and access is gained by the attacker,
regardless if they try to use their usual banking app. One way or another, the
attackers are able to access your bank account and your financial security is
put at risk.
Victor Chebyshev, a security researcher at Kaspersky Lab stated,
“The rapid rise of mobile financial malware is a troubling sign, especially since we see how criminals are perfecting their distribution mechanisms… For example, a recent tendency is to hide the baking Trojan in a dropper – the shell that is supposed to fly to the device under the security radar, releasing the malicious part only upon arrival.”
So what can we do to protect
The following suggestions from
Kaspersky Lab can substantially help to decrease risk:
- Only install apps from trusted sources. Not all apps from your
preferred app store are perfectly safe.
- Use the best security program on the market. The more
protection, the better.
- Never click on links in potential spam emails. If you don’t know
the sender, don’t open it.
- Check permissions requested by the app.