Posted on May 23, 2019 at 8:24 PM
Security specialists at Kaspersky Lab are warning the public of a rapidly expanding sector of malware: mobile banking trojans. Reports indicate a concerning number of attacks on over 300,000 different users in the first quarter of 2019. Over 30,000 modifications of this malware were used in the attacks.
This is similar to a report last year by Cisco, which warned of increasingly complex attacks over the botnet infrastructure by the Gozi banking Trojan. Attackers use malware not only to gain access to confidential information linked with user accounts but to leak funds. That’s right. These banking trojans allow attackers to steal your money.
According to the IT Threat Evaluation Report released by Kaspersky Lab, in the first quarter, the biggest threat was the newest version of Asacub malware, which accounts for nearly 60 percent of all attacks from banking trojans, targeted at over 8,000 users daily.
The concerning rise in mobile banking trojans is reflected in the reports by an increase from 1.85% of all mobile malware in the final quarter of 2018, to a substantial 3.24% in the first quarter of 2019. In addition, the number of mobile banking malware files increased from 18,501 to a staggering 29,841 between these two quarters.
So, how are these attackers able to fool users into accessing bank accounts? The malware is created to resemble any other mobile banking app. Believe me, they are true illusionists. Once implemented, the user attempts to login and access is gained by the attacker, regardless if they try to use their usual banking app. One way or another, the attackers are able to access your bank account and your financial security is put at risk.
Victor Chebyshev, a security researcher at Kaspersky Lab, reportedly stated his concerns over the rapid rise of mobile financial malware, referencing the attackers increasing proficiency in distribution mechanisms. According to Chebyshev, the attackers have a recent tendency of camouflaging trojans in such a way that they are able to remain under the security radar until implemented. Once established, malicious malware begins to take effect.
So what can we do to protect ourselves?
The following suggestions from Kaspersky Lab can substantially help to decrease risk:
- Only install apps from trusted sources. Not all apps from your preferred app store are perfectly safe.
- Use the best security program on the market. The more protection, the better.
- Never click on links in potential spam emails. If you don’t know the sender, don’t open it.
- Remember to check all permissions requested by the app. What is the app requesting permission to access? Ask yourself if what the app is requesting are reasonable and common permissions for its purpose.
As indicated, mobile banking malware is a growing threat to our personal and professional security that is not expected to decline in the near future. Attackers are using rapidly changing and increasingly sophisticated malware modifications in order to gain access to bank accounts worldwide. It is up to security professionals, and individuals alike, to take measures to prevent infiltration by malicious parties.
We will see what the future holds for financial security in the months ahead.