Mobile Banking Malware On The Rise, Kaspersky Lab Warns

Mobile banking trojans are one of the most rapidly-developing pieces of malware, a new report from security specialist Kaspersky Lab has warned.

It said it has witnessed a “worrying amount of attacks” carried out on more than 300,000 users, with a type of malware designed to steal credentials and money from users’ bank accounts.

Last year for example Cisco warned that the infamous Gozi banking trojan was being used in targeted attacks deployed over surprisingly sophisticated botnet infrastructure.

Banking trojans

But Kaspersky Lab’s IT threat evolution report Q1 has report has found that while users were subjected to a variety of mobile banking malware families, one was particularly active in the Q1 period.

It found that a new version of the Asacub malware accounted for 58.4 percent of all banking Trojans that attacked users.

Indeed, in Q1 Kaspersky Lab detected Asacub targeting on average 8,200 users a day.

And Kaspersky Lab researchers also uncovered a large increase in malware designed to steal credentials and money from users’ bank accounts. In the first quarter of 2019, its researchers found 29,841 files of such malware, up from 18,501 in Q4 2018.

Overall, attacks on more than 300,000 users were detected, said Kaspersky Lab.

And it warned that mobile banking Trojans are “one of the most rapidly-developing, flexible and dangerous types of malware.”

In Q4 2018, mobile banking Trojans accounted for 1.85 percent of of all mobile malware; in Q1 2019, their share reached 3.24 percent.

This malware often looks like a legitimate app, such as a banking application. But when a victim tries to reach their genuine bank app, the attackers can gain access to that too.

The security researchers said they had detected around 30,000 modifications of various families of banking Trojans, trying to attack 312,235 unique users, in the first quarter of the year.

Mobile malware

“The rapid rise of mobile financial malware is a troubling sign, especially since we see how criminals are perfecting their distribution mechanisms,” said Victor Chebyshev, a security researcher at Kaspersky Lab.

“For example, a recent tendency is to hide the banking Trojan in a dropper – the shell that is supposed to fly to the device under the security radar, releasing the malicious part only upon arrival,” he added.

Kaspersky Lab advised users that in order to reduce the risk of infection with banking Trojans, they should only install applications only from trusted sources, ideally – from the official app store.

Users are also advised to check permissions requested by the app.

And of course, Kaspersky Lab recommends that a robust security solution is used, and do not click on links in spam email.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Apple Slashes iPhone Prices In China

Amid intense competition from Huawei and others, Apple has again slashed the price of its…

2 hours ago

Bitcoin ‘Creator’ Craig Wright Repeatedly Lied, Rules UK Judge

Damning ruling by British judge, after he rules that self-proclaimed bitcoin inventor lied 'repeatedly' to…

3 hours ago

Julian Assange Granted Right To Challenge US Extradiction Order

High Court rules Wikileaks founder Julian Assange can appeal against extradition to the US, despite…

4 hours ago

Tesla Layoffs Continue With Another 600 Jobs In California

Regulatory filing last week shows Elon Musk's Tesla is cutting another 600 jobs in California,…

6 hours ago

UK Regulator Declines To Investigate Microsoft’s Mistral AI Deal

Weeks after seeking feedback on Microsoft's partnership with Mistral AI, UK regulator says it does…

9 hours ago

UK AI Safety Institute To Open Office In US

Seeking collaboration on AI regulation, UK's AI Safety Institute to cross Atlantic and will open…

10 hours ago