Mobile banking trojans, designed to steal money directly from mobile users’ bank accounts, topped Kaspersky Lab's list of cyber headaches in the second quarter.
According to Kaspersky's Q2 IT threat evolution report, the number of installation packages for mobile banking reached a historic high at more than 61,000, more than three times the growth when compared to the first quarter, and more than double the installations than in the first quarter of last year.
Victor Chebyshev, security expert at Kaspersky, tells Channel Partners more people started to use Android-based devices in the second quarter, increasing the total count of detected mobile malware.
"In the U.S. specifically, we found users were attacked the most with mobile banking malware; therefore, there is an opportunity for the IT channel – cybersecurity providers – to make U.S. businesses aware of this and offer protection from these increasing mobile threats," he said. "Cybercriminals always want to grow the geographical distribution of the malware, but in [the second quarter of] 2018 we saw that they just rose their distribution in the U.S."
Mobile-banking trojans are attractive to cybercriminals globally who are looking for an easy profit, according to Kaspersky. The malware typically is disguised as a legitimate app to lure people into installing it. Once the banking app is launched, the Trojan displays its own interface overlaying the app’s interface. When the user inputs credentials, the malware steals the information.
The biggest contribution was made by the creators of Trojan Hqwar, with about half of the new modifications discovered relating to this malware. Trojan Agent took second place with around 5,000 packages.
The top three countries with the biggest share of users attacked with mobile banking malware, in proportion to all users attacked with any kind of mobile malware, were the United States, Russia and Poland.
According to Kaspersky, such high numbers could be part of a global trend for mobile malware growth, as the overall number of mobile malware installation packages also increased by more than 421,000 compared to the previous quarter.
"It seems that cybercriminals still pay attention to massive malware distribution: The more they create and distribute, the more possibility of success infection," Chebyshev said. "In[the second quarter], we saw the opposite situation where cybercriminals paid more attention to the quality of their creations instead of quantity."
Other online threat statistics from the report include:
- Kaspersky Lab offerings detected and repelled 963 million malicious attacks from online resources in 187 countries.
- More than 350 million unique URLs were recognized as malicious by web antivirus components, up 24 percent since the first quarter.
- Attempted infections by malware that aim to steal money via online access to bank accounts were registered on nearly 216,000 user computers.
- Kaspersky’s file antivirus detected a total of 192 million unique malicious and potentially unwanted objects.
- Kaspersky mobile-security products also detected 1.74 million malicious installation packages.
"Cybercriminals are always creating new modifications to their malicious software to make it more sophisticated and discreet for cybersecurity vendors to detect," Chebyshev said. "The IT channel['s] cybersecurity providers need to be extremely cautious and stay up to date on the latest threats to protect their customers [and] users as the use of mobile banking malware continues to rise at a startling rate this year."