News Column

Kaspersky Lab reports about rise in malware capable of stealing money

July 3, 2014

In its report on online threats in the banking sector Kaspersky Lab informs about an increase in malware capable of stealing money from users of online banking accounts.

In the reporting period from April 19 to May 19, 2014, Kaspersky Lab solutions blocked 341,216 attempts on computers to launch such malware. This figure represents a 36.6 per cent increase compared to the previous month. More than a third of the total number of users attacked by banking malware were in Brazil, Russia and Italy. This increase in banking malware activity is most likely related to the onset of the vacation season, when customers actively use their payment data to make all types of purchases online.

As a rule, cybercriminals try to steal users' bank card details with the help of the specialized Trojan programs. From mid-April to mid-May, Zeus Trojan-Spy.Win32.Zbot was once again the most widespread banking Trojan. According to Kaspersky Lab's research, the program was involved in 198,200 malware attacks on online banking clients. About 82,300 people were attacked by Trojan-Banker.Win32.ChePro and Trojan-Banker.Win32.Lohmys malicious programs mainly spread via spam emails with the subject "Internet bank charges".

Yet another method of stealing banking data is phishing attacks. During the reporting period, Kaspersky Lab solutions blocked 21.5 million of these attacks and almost 10 per cent of them (about two million) targeted users' bank card details.

The reporting period was marked by consequences of one particular event that seriously jeopardised the security of online payment systems, namely a vulnerability previously found in the popular encryption library OpenSSL. The bug allows attackers to gain unauthorised access to the buffer memory of a vulnerable device, be it a smartphone, personal computer or server. The Heartbleed vulnerability leaves no trace and it is still not known what data was stolen and in what volumes. However, most companies that performed online transactions using the vulnerable version of OpenSSL have recommended that their clients change their account passwords and closely monitor any unusual activity.

"The appearance of the Heartbleed vulnerability initiated a series of leaks of all kinds of data in various business fields. This was due to the fact that this vulnerability contained the cryptographic OpenSSL library which is used in different software including banking software," commented Sergey Golovanov, Principal Security Researcher at Kaspersky Lab

"The absence of an official library update for several hours after the vulnerability was detected and the slow reaction of IT security services at financial institutions in installing the update led, in some instances, to the leak of bank transaction data. That's why, in the coming months, we can expect a surge of fraudulent transactions."

For more stories covering the world of technology, please see HispanicBusiness' Tech Channel

Source: CPI Financial

Story Tools Facebook Linkedin Twitter RSS Feed Email Alerts & Newsletters