Kaspersky Lab spots mobile malware interest on bank accounts

Feb 27, 2014 by Nancy Owano weblog

Looking at data for 2013, Kaspersky Lab analysts said it is clear that the mobile malware sector has grown up to be a breed of sophisticated pickpockets with slick techniques and with special sights on robbing money from bank accounts. A report from Kaspersky Lab stated it was safe to say that "today's cybercriminal is no longer a lone hacker but part of a serious business operation."

The criminals who are focused on banking as targets unleash advanced programs that are Trojans targeting accounts, in what has become an attractive source of criminal earnings. "Mobile Malware Evolution: 2013" reported on attempts to steal data from mobile phones and tablets. "Most mobile is designed to steal users' money, including SMS-Trojans, and lots of backdoors and Trojans," wrote lab analysts Victor Chebyshev and Roman Unuchek. Over the year, the number of mobile malware modifications designed for phishing, theft of and money increased by a factor of 19.7. At the beginning of the year, the authors said they knew only 67 banking Trojans. By the end of the year there were 1321 unique samples.

Another finding: Mobile banking attacks were more abundant in certain geographic areas. They said the top five countries with the highest number of attacked users were Russia, India, Vietnam, Ukraine and the UK, accordingly. In Russia, mobile cybercrime is particularly prevalent and 40.3% of all users attacked worldwide in 2013 were located in that country..

The report noted, though, that Russia and the CIS (Commonwealth of Independent States) countries often serve as a testing ground for new technologies. "Having perfected their technologies in the Russian-language sector of the Internet, the cybercriminals then turn their attention to users in other countries."

While the majority of :banking Trojan attacks target users in Russia and the CIS, Chebyshev said that given the cybercriminals' keen interest in user bank accounts, the activity of Trojans is expected to grow in other countries in 2014.

A total of 143,211 new modifications of malicious programs targeting mobile devices were detected in all of 2013 (as of January 1, 2014).

Android—whether, as some argue, because of its popularity or others, because of architecture vulnerability—showed up in the findings as a prime target for malicious attacks. Most (98.05%) of all malware detected last year targeted this platform.

The authors named specific types of "malicious innovations" targeting . The list included the Perkele Android Trojan, attacking Russian users and clients of European banks. Its main task is to bypass the two-factor authentication of the client in the online banking system.

They also cited a Korean malicious program Wroba, which searches for mobile banking applications, removes them and uploads counterfeit versions. "From the outside, they are indistinguishable from the legitimate applications. However, they possess no banking functions, and merely steal the logins and passwords entered by users."

Frequency, geographic targeting and types do not complete the picture of what is going on in mobile banking theft. The report also examined the maturity of what is now a "cyber industry" motivated to profit as effectively as possible The report said various types of actors involved in the mobile malware industry include virus writers, testers, interface designers of malicious apps and the web pages they are distributed from, owners of partner programs that spread the malware, and mobile botnet owners.

What's more, criminals are increasingly using obfuscation, which Kaspersky Lab described as the deliberate act of creating complex code to make it difficult to analyze. "The more complex the obfuscation, the longer it will take an antivirus solution to neutralize the malicious code. Tellingly, current virus writers have mastered commercial obfuscators."

Explore further: Surge in mobile network infections in 2013, says report

More information: www.securelist.com/en/analysis… lware_Evolution_2013

add to favorites email to friend print save as pdf

Related Stories

Surge in mobile network infections in 2013, says report

Jan 29, 2014

Alcatel-Lucent today released new data showing that security threats to mobile devices continues its rapid rise, infecting at any time more than 11.6 million devices and putting their owners at increased risk for stolen personal ...

'Phishing' scams explode worldwide, researchers shows

Jun 21, 2013

Those insidious email scams known as phishing, in which a hacker uses a disguised address to get an Internet user to install malware, rose 87 percent worldwide in the past year, a security firm said Friday.

Fighting the rise of the app attackers

Feb 26, 2014

Researchers have been given a share of £3 million by the Engineering and Physical Sciences Research Council (EPSRC) to counter cyber-criminals who are using malicious apps which can collude with each other to infect the ...

Recommended for you

Study shows role of media in sharing life events

1 hour ago

To share is human. And the means to share personal news—good and bad—have exploded over the last decade, particularly social media and texting. But until now, all research about what is known as "social sharing," or the ...

UK: Former reporter sentenced for phone hacking

8 hours ago

(AP)—A former British tabloid reporter was given a 10-month suspended prison sentence Thursday for his role in the long-running phone hacking scandal that shook Rupert Murdoch's media empire.

Evaluating system security by analyzing spam volume

8 hours ago

The Center for Research on Electronic Commerce (CREC) at The University of Texas at Austin is working to protect consumer data by using a company's spam volume to evaluate its security vulnerability through the SpamRankings.net ...

Surveillance a part of everyday life

9 hours ago

Details of casual conversations and a comprehensive store of 'deleted' information were just some of what Victoria University of Wellington students found during a project to uncover what records companies ...

European Central Bank hit by data theft

10 hours ago

(AP)—The European Central Bank said Thursday that email addresses and other contact information have been stolen from a database that serves its public website, though it stressed that no internal systems or market-sensitive ...

Twitter admits to diversity problem in workforce

12 hours ago

(AP)—Twitter acknowledged Wednesday that it has been hiring too many white and Asian men to fill high-paying technology jobs, just like several other major companies in Silicon Valley.

User comments : 0