Banking, financial institutions and governments in developed or technologically advanced countries continue to be targets of cyberattacks, with mobile banking remaining a main target for mobile threats.
Kaspersky Lab’s Q1 2015 report mentioned Trojan-SMS.AndroidOS.OpFake.cc, which was capable of attacking no less than 29 banking and financial applications. The Trojan’s latest version that emerged in Q2 is capable of attacking 114 (four times more) banking and financial applications. Its main goal is to steal the user’s login credentials with which to attack, among others, several popular email applications.
Attacks on the Web: Financial Threats
There were 5,900,000 notifications about attempted malware infections to steal money via online access to bank accounts – this is 800,000 lower than in Q1.
In Q2 2015, Singapore became the leader in the number of Kaspersky Lab users who came under web-borne attacks by banking Trojans – 5.3% of all Kaspersky Lab users in Singapore faced this threat over this time period. Next came Switzerland with 4.2%, Brazil (4%), Australia (4%) and Hong Kong (3.7%).
Note that most countries in the Top 10 are technologically advanced and/or have a developed banking system, which attracts the cybercriminals’ attention.
Financial threats are not limited to banking malware programmes which attack the clients of online banking systems. Apart from banking malware (83%), financial threats are posed by Bitcoin miners (9%) – these are malware programmes that use the victim’s computer’s computational resources to generate bitcoins, as well as bitcoin wallet stealers (6%) and keyloggers (2%).
In Q2, Kaspersky Lab’s Global Research and Analysis Team disclosed four cyberespionage campaigns CozyDuke, Naikon, Hellsing and Duqu 2.0. The victim toll includes government agencies, commercial companies and other high-level targets.
The second quarter has also demonstrated the cybercriminals’ interest in small and medium businesses – this type of businesses was targeted by the cyberespionage campaign Grabit. Cybercriminals focused on economic sectors such as the chemical industry, nanotechnologies, education, agriculture, mass media and construction.
“In Q2 we launched an important initiative called Securing Smart Cities, which aims to help those responsible for developing smart cities to do so without forgetting about cybersecurity. If security measures are not planned at the development stage, that could have serious implications later, and retro-fitting security might not be a straightforward task,” comments Alexander Gostev, Chief Security Exert at Kaspersky Lab’s Global Research and Analysis Team.
Q2 in Figures
According to KSN data, Kaspersky Lab solutions detected and repelled a total of 379.9 millions of malicious attacks from online resources located all over the world – this is 19% lower than in Q1.
During the three month period, an average of 23.9% of Internet users’ computers across the world came under a web-borne attack at least once. This is 2.4 percentage points lower than in Q1.
26,000,000 unique malicious objects were detected, which is 8.4% lower than in Q1. The script AdWare.JS.Agent.bg was the most widespread among such objects – this script is injected by adware programmes into arbitrary web pages.