Mobile Banking Malware On The Rise, Kaspersky Lab Warns

Mobile banking trojans are one of the most rapidly-developing pieces of malware, a new report from security specialist Kaspersky Lab has warned.

It said it has witnessed a “worrying amount of attacks” carried out on more than 300,000 users, with a type of malware designed to steal credentials and money from users’ bank accounts.

Last year for example Cisco warned that the infamous Gozi banking trojan was being used in targeted attacks deployed over surprisingly sophisticated botnet infrastructure.

Banking trojans

But Kaspersky Lab’s IT threat evolution report Q1 has report has found that while users were subjected to a variety of mobile banking malware families, one was particularly active in the Q1 period.

It found that a new version of the Asacub malware accounted for 58.4 percent of all banking Trojans that attacked users.

Indeed, in Q1 Kaspersky Lab detected Asacub targeting on average 8,200 users a day.

And Kaspersky Lab researchers also uncovered a large increase in malware designed to steal credentials and money from users’ bank accounts. In the first quarter of 2019, its researchers found 29,841 files of such malware, up from 18,501 in Q4 2018.

Overall, attacks on more than 300,000 users were detected, said Kaspersky Lab.

And it warned that mobile banking Trojans are “one of the most rapidly-developing, flexible and dangerous types of malware.”

In Q4 2018, mobile banking Trojans accounted for 1.85 percent of of all mobile malware; in Q1 2019, their share reached 3.24 percent.

This malware often looks like a legitimate app, such as a banking application. But when a victim tries to reach their genuine bank app, the attackers can gain access to that too.

The security researchers said they had detected around 30,000 modifications of various families of banking Trojans, trying to attack 312,235 unique users, in the first quarter of the year.

Mobile malware

“The rapid rise of mobile financial malware is a troubling sign, especially since we see how criminals are perfecting their distribution mechanisms,” said Victor Chebyshev, a security researcher at Kaspersky Lab.

“For example, a recent tendency is to hide the banking Trojan in a dropper – the shell that is supposed to fly to the device under the security radar, releasing the malicious part only upon arrival,” he added.

Kaspersky Lab advised users that in order to reduce the risk of infection with banking Trojans, they should only install applications only from trusted sources, ideally – from the official app store.

Users are also advised to check permissions requested by the app.

And of course, Kaspersky Lab recommends that a robust security solution is used, and do not click on links in spam email.

Do you know all about security? Try our quiz!