Kaspersky Lab spots mobile malware interest on bank accounts

Feb 27, 2014 by Nancy Owano weblog

Looking at data for 2013, Kaspersky Lab analysts said it is clear that the mobile malware sector has grown up to be a breed of sophisticated pickpockets with slick techniques and with special sights on robbing money from bank accounts. A report from Kaspersky Lab stated it was safe to say that "today's cybercriminal is no longer a lone hacker but part of a serious business operation."

The criminals who are focused on banking as targets unleash advanced programs that are Trojans targeting accounts, in what has become an attractive source of criminal earnings. "Mobile Malware Evolution: 2013" reported on attempts to steal data from mobile phones and tablets. "Most mobile is designed to steal users' money, including SMS-Trojans, and lots of backdoors and Trojans," wrote lab analysts Victor Chebyshev and Roman Unuchek. Over the year, the number of mobile malware modifications designed for phishing, theft of and money increased by a factor of 19.7. At the beginning of the year, the authors said they knew only 67 banking Trojans. By the end of the year there were 1321 unique samples.

Another finding: Mobile banking attacks were more abundant in certain geographic areas. They said the top five countries with the highest number of attacked users were Russia, India, Vietnam, Ukraine and the UK, accordingly. In Russia, mobile cybercrime is particularly prevalent and 40.3% of all users attacked worldwide in 2013 were located in that country..

The report noted, though, that Russia and the CIS (Commonwealth of Independent States) countries often serve as a testing ground for new technologies. "Having perfected their technologies in the Russian-language sector of the Internet, the cybercriminals then turn their attention to users in other countries."

While the majority of :banking Trojan attacks target users in Russia and the CIS, Chebyshev said that given the cybercriminals' keen interest in user bank accounts, the activity of Trojans is expected to grow in other countries in 2014.

A total of 143,211 new modifications of malicious programs targeting mobile devices were detected in all of 2013 (as of January 1, 2014).

Android—whether, as some argue, because of its popularity or others, because of architecture vulnerability—showed up in the findings as a prime target for malicious attacks. Most (98.05%) of all malware detected last year targeted this platform.

The authors named specific types of "malicious innovations" targeting . The list included the Perkele Android Trojan, attacking Russian users and clients of European banks. Its main task is to bypass the two-factor authentication of the client in the online banking system.

They also cited a Korean malicious program Wroba, which searches for mobile banking applications, removes them and uploads counterfeit versions. "From the outside, they are indistinguishable from the legitimate applications. However, they possess no banking functions, and merely steal the logins and passwords entered by users."

Frequency, geographic targeting and types do not complete the picture of what is going on in mobile banking theft. The report also examined the maturity of what is now a "cyber industry" motivated to profit as effectively as possible The report said various types of actors involved in the mobile malware industry include virus writers, testers, interface designers of malicious apps and the web pages they are distributed from, owners of partner programs that spread the malware, and mobile botnet owners.

What's more, criminals are increasingly using obfuscation, which Kaspersky Lab described as the deliberate act of creating complex code to make it difficult to analyze. "The more complex the obfuscation, the longer it will take an antivirus solution to neutralize the malicious code. Tellingly, current virus writers have mastered commercial obfuscators."

Explore further: Clinton used personal email account as Secretary of State

More information: www.securelist.com/en/analysis… lware_Evolution_2013

add to favorites email to friend print save as pdf

Related Stories

Surge in mobile network infections in 2013, says report

Jan 29, 2014

Alcatel-Lucent today released new data showing that security threats to mobile devices continues its rapid rise, infecting at any time more than 11.6 million devices and putting their owners at increased risk for stolen personal ...

'Phishing' scams explode worldwide, researchers shows

Jun 21, 2013

Those insidious email scams known as phishing, in which a hacker uses a disguised address to get an Internet user to install malware, rose 87 percent worldwide in the past year, a security firm said Friday.

Fighting the rise of the app attackers

Feb 26, 2014

Researchers have been given a share of £3 million by the Engineering and Physical Sciences Research Council (EPSRC) to counter cyber-criminals who are using malicious apps which can collude with each other to infect the ...

Recommended for you

Supreme Court allows challenge to Colorado Internet tax law

6 hours ago

A unanimous Supreme Court ruled Tuesday that federal courts can hear a dispute over Colorado's Internet tax law. One justice suggested it was time to reconsider the ban on state collection of sales taxes from companies outside ...

Clinton used personal email account as Secretary of State

9 hours ago

Hillary Rodham Clinton used a personal email account during her time as secretary of state, rather than a government-issued email address, potentially hampering efforts to archive official government documents ...

Twitter working with probe on online threats

Mar 02, 2015

Twitter said Monday it was working with law enforcement officials on unspecified threats, amid reports that the social network had been targeted for blocking accounts linked to the Islamic State.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.