Number of malicious mobile banker packages circulating online grew by 58% in Q1 2019
Kaspersky Lab researchers have uncovered a worrying rise in malware designed to steal credentials and money from users’ bank accounts: in Q1 2019, researchers found 29,841 files of such malware, up from 18,501 in Q4 2018.
Overall, attacks on more than 300,000 users were detected. These are among the main findings of Kaspersky Lab’s IT threat evolution in Q1 2019 report.
Mobile banking Trojans are one of the most rapidly-developing, flexible and dangerous types of malware. They usually steal funds directly from mobile users’ bank accounts, but sometimes their purpose is changed to steal other kinds of credentials. The malware generally looks like a legitimate app, such as a banking application. When a victim tries to reach their genuine bank app, the attackers gain access to that too.
In Q1 2019, Kaspersky Lab detected around 30,000 modifications of various families of banking Trojans, trying to attack 312,235 unique users. What’s more, banking Trojans grew not only in the number of different samples detected - their share of the threat landscape increased as well. In Q4 2018, mobile banking Trojans accounted for 1.85% of of all mobile malware; in Q1 2019, their share reached 3.24%.
While users were subjected to a variety of mobile banking malware families, one was particularly active in the period: a new version of the Asacub malware accounted for 58.4% of all banking Trojans that attacked users. Asacub first appeared in 2015. The attackers spent two years perfecting its distribution scheme and, as a result, the malware peaked in 2018, when it attacked 13,000 users a day. Since then, its rate of spreading has closed down, although it remains a powerful threat: in Q1 2019, Kaspersky Lab detected Asacub targeting on average 8,200 users a day.
“The rapid rise of mobile financial malware is a troubling sign, especially since we see how criminals are perfecting their distribution mechanisms. For example, a recent tendency is to hide the banking Trojan in a dropper – the shell that is supposed to fly to the device under the security radar, releasing the malicious part only upon arrival,” – said Victor Chebyshev, a security researcher at Kaspersky Lab.
To reduce the risk of infection with banking Trojans, users are advised to:
- Install applications only from trusted sources, ideally – from the official app store;
- Check permissions requested by the app – if they do not correspond with the app’s task (e.g. a reader asks to access your messages and calls), this can be a sign of an unscrupulous app;
- Use a robust security solution to protect you from malicious software and its actions. For instance, the free version of Kaspersky Internet Security for Android.
- Do not click on links in spam emails;
- Do not perform the rooting procedure of the device that will provide cybercriminals with limitless capabilities.
Read the full version of the Kaspersky Lab’s IT threat evolution report Q1 on Securelist.com.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 21 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
Number of malicious mobile banker packages circulating online grew by 58% in Q1 2019
Kaspersky
Related Articles Press Releases
Updated Kaspersky Security for Mail Server offers advanced content filtering and enhanced visibility for SOC
Kaspersky has announced a significant update to its Kaspersky Security for Mail Server, designed to strengthen systems against emerging email threats. The latest version of Kaspersky Security for Mail Server features advanced functionality for content filtering, quarantine management, and enhanced visibility for Security Operations Centers (SOC).Read More >Innovation journey: Dubai welcomed Kaspersky's Cyber Immunity Conference
Leading cybersecurity experts, scientists, business leaders and government officials from more than 20 countries worldwide have come together for the inaugural international Cyber Immunity Conference. Exploring the complex and evolving cyberthreat landscape the conference provided invaluable insights into the future of our digital age and celebrated the pioneering efforts of the first Cyber Immunity Champions.Read More >Kaspersky Thin Client 2.0: Cyber Immune protection with enhanced connectivity, performance and design
Kaspersky has presented an updated operating system for thin clients that offers enhanced connectivity, higher speed of applications delivery, lower total cost of ownership, user-friendly graphical interface and quick deployment. Kaspersky Thin Client 2.0 is the main component of the Cyber Immune solution for building thin client infrastructure in a wide range of industries, including healthcare, finance, education and manufacturing.Read More >
We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.