Kaspersky Lab spots mobile malware interest on bank accounts

February 27, 2014 by Nancy Owano weblog

Looking at data for 2013, Kaspersky Lab analysts said it is clear that the mobile malware sector has grown up to be a breed of sophisticated pickpockets with slick techniques and with special sights on robbing money from bank accounts. A report from Kaspersky Lab stated it was safe to say that "today's cybercriminal is no longer a lone hacker but part of a serious business operation."

The criminals who are focused on banking as targets unleash advanced programs that are Trojans targeting accounts, in what has become an attractive source of criminal earnings. "Mobile Malware Evolution: 2013" reported on attempts to steal data from mobile phones and tablets. "Most mobile is designed to steal users' money, including SMS-Trojans, and lots of backdoors and Trojans," wrote lab analysts Victor Chebyshev and Roman Unuchek. Over the year, the number of mobile malware modifications designed for phishing, theft of and money increased by a factor of 19.7. At the beginning of the year, the authors said they knew only 67 banking Trojans. By the end of the year there were 1321 unique samples.

Another finding: Mobile banking attacks were more abundant in certain geographic areas. They said the top five countries with the highest number of attacked users were Russia, India, Vietnam, Ukraine and the UK, accordingly. In Russia, mobile cybercrime is particularly prevalent and 40.3% of all users attacked worldwide in 2013 were located in that country..

The report noted, though, that Russia and the CIS (Commonwealth of Independent States) countries often serve as a testing ground for new technologies. "Having perfected their technologies in the Russian-language sector of the Internet, the cybercriminals then turn their attention to users in other countries."

While the majority of :banking Trojan attacks target users in Russia and the CIS, Chebyshev said that given the cybercriminals' keen interest in user bank accounts, the activity of Trojans is expected to grow in other countries in 2014.

A total of 143,211 new modifications of malicious programs targeting mobile devices were detected in all of 2013 (as of January 1, 2014).

Android—whether, as some argue, because of its popularity or others, because of architecture vulnerability—showed up in the findings as a prime target for malicious attacks. Most (98.05%) of all malware detected last year targeted this platform.

The authors named specific types of "malicious innovations" targeting . The list included the Perkele Android Trojan, attacking Russian users and clients of European banks. Its main task is to bypass the two-factor authentication of the client in the online banking system.

They also cited a Korean malicious program Wroba, which searches for mobile banking applications, removes them and uploads counterfeit versions. "From the outside, they are indistinguishable from the legitimate applications. However, they possess no banking functions, and merely steal the logins and passwords entered by users."

Frequency, geographic targeting and types do not complete the picture of what is going on in mobile banking theft. The report also examined the maturity of what is now a "cyber industry" motivated to profit as effectively as possible The report said various types of actors involved in the mobile malware industry include virus writers, testers, interface designers of malicious apps and the web pages they are distributed from, owners of partner programs that spread the malware, and mobile botnet owners.

What's more, criminals are increasingly using obfuscation, which Kaspersky Lab described as the deliberate act of creating complex code to make it difficult to analyze. "The more complex the obfuscation, the longer it will take an antivirus solution to neutralize the malicious code. Tellingly, current virus writers have mastered commercial obfuscators."

Explore further: Android rises to top—in malware threats, survey shows

More information: www.securelist.com/en/analysis/204792326/Mobile_Malware_Evolution_2013

Related Stories

'Phishing' scams explode worldwide, researchers shows

June 21, 2013

Those insidious email scams known as phishing, in which a hacker uses a disguised address to get an Internet user to install malware, rose 87 percent worldwide in the past year, a security firm said Friday.

Surge in mobile network infections in 2013, says report

January 29, 2014

Alcatel-Lucent today released new data showing that security threats to mobile devices continues its rapid rise, infecting at any time more than 11.6 million devices and putting their owners at increased risk for stolen personal ...

Fighting the rise of the app attackers

February 26, 2014

Researchers have been given a share of £3 million by the Engineering and Physical Sciences Research Council (EPSRC) to counter cyber-criminals who are using malicious apps which can collude with each other to infect the ...

Recommended for you

Drone market to hit $10 billion by 2024: experts

October 3, 2015

The market for military drones is expected to almost double by 2024 to beyond $10 billion (8.9 billion euros), according to a report published Friday by specialist defence publication IHS Jane's Intelligence Review.

Radio frequency 'harvesting' tech unveiled in UK

September 30, 2015

An energy harvesting technology that its developers say will be able to turn ambient radio frequency waves into usable electricity to charge low power devices was unveiled in London on Wednesday.

Professors say US has fallen behind on offshore wind power

September 29, 2015

University of Delaware faculty from the College of Earth, Ocean, and Environment (CEOE), the College of Engineering and the Alfred Lerner School of Business and Economics say that the U.S. has fallen behind in offshore wind ...


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.