Kaspersky Lab: Malware targeting banks growing fast

More than half of all web-borne attacks that were blocked by Kaspersky Lab’s products were launched from malicious web resources located in Russia, a new report by Kaspersky Lab shows.

The report, published by Kaspersky Lab, highlights the key security incidents of the second quarter of 2015, and evaluates the Q2 cyberthreat level.

After Russia came the USA, the Netherlands, Germany, France, Virgin Islands, Ukraine, Singapore, the UK and then China.

Mobile banking has remained a key target for mobile threats. Kaspersky Lab’s Q1 2015 report mentioned Trojan-SMS.AndroidOS.OpFake.cc which was capable of attacking no less than 29 banking and financial applications.

The Trojan’s latest version that emerged in Q2 is capable of attacking 114 (four times more) banking and financial applications. Its main goal is to steal a collection of users’ login credentials in order to attack several popular email applications.

There were 5,900,000 notifications about attempted malware infections to steal money via online access to bank accounts – this is 800,000 lower than in Q1, the report says.

It also says that 291,800 new mobile malware programs emerged in Q2, which is 2.8 times greater than in Q1, and that there were one million mobile malware installation packages in Q2, which is seven times greater than in Q1.

Most targeted country in this quarter was Singapore, with 5.3 per cent of Kaspersky Lab users in that country facing online attacks from banking Trojans.

Next came Switzerland (4.2 per cent), Brazil (4 per cent), Australia (4 per cent) and Hong Kong (3.7 per cent).

Financial threats are not limited to banking malware programs which attack the clients of online banking systems. Aside from banking malware (83 per cent), financial threats are also posed by Bitcoin miners (nine per cent) – these are malware programs that use the victim’s computer’s computational resources to generate bitcoins, as well as bitcoin wallet stealers (six per cent) and keyloggers (two per cent).

In Q2, Kaspersky Lab’s Global Research and Analysis Team disclosed four cyberespionage campaigns CozyDuke, Naikon, Hellsing and Duqu 2.0. The victim toll includes government agencies, commercial companies and other high-level targets.

The second quarter has also demonstrated the cybercriminals’ interest in small and medium businesses – this type of business was targeted by the cyberespionage campaign Grabit. Cybercriminals focused on economic sectors such as nanotechnologies, education, agriculture, mass media, construction and the chemical industry.

The full report can be found on this link.