The research by Kaspersky Lab «Financial Cyberthreats in 2014 » reports that the number of financial attacks with malware against Android users increased by 3,25 times 2014. After an initial decrease in March of 2014, Kaspersky Lab researchers have seen a significant increase in the number of attacks through malware Trojan-SMS in the second half of the year.
- 48,15% of attacks against Android users, blocked by Kaspersky Lab's products, used malicious software to target financial data (Trojan-SMS and Trojan-Banker).
- The number of financial attacks against users Android 2014 increased by 3,25 times compared to 2013 (from 711.993 to 2.317.194 attacks), while the number of attacked users increased 3,64 times (from 212.890 to 775.887).
- 98,02% of all attacks with Android banking malware corresponded to just three malicious software "families".
Android is one of the most popular mobile operating systems in the world. Hence, it attracts digital criminals who target users' personal information and money. In 2014, Kaspersky Lab products for Appliances Android prevented a total of 2.317.194 financial attacks against 775.887 users worldwide. Most of them (2.217.979 attacks against 750.327 users) used Trojan-SMS malware, while the rest (99.215 attacks against 59.200 users) used Trojan-Banker malware.
Despite the fact that Trojan-Banker's contribution to the overall volume of financial attacks against Android users is relatively small, it continues to grow. During the year, Kaspersky Lab's products identified 20 as different malicious Trojan-Banker programs. Among them, there were only three main "protagonists": Faketoken, Svpeng and Marcher. Svpeng and Marcher are capable of stealing login details into electronic bank accounts and credit card details by replacing mobile bank account and app stores in an "infected" device. Faketoken has been designed to intercept mTANs, which are used in multi-factor authentication systems, by promoting them to criminals. These three "families" accounted for 98,02% of all Trojan-Banker attacks.
The return of Trojan-SMS
In the spring of 2014, Kaspersky Lab researchers noted a significant reduction in the number of Trojan-SMS malware attacks. One possible reason for this reduction was the introduction of the Advice of Charge service from mobile operators in Russia (the main source of the Trojan-SMS threat). This means that whenever a customer (or Trojan-SMS) attempts to send a message to a special charge number, the provider notifies the customer how much the service will cost and asks for additional user confirmation.
The downward trend stopped in July and followed a steady rise in the remainder of the year. Growth accelerated in December, which is traditionally one month with particularly high online shopping and online trading, with criminals putting economic data into the focus.
"During 2014, our cumulative database with users Android has increased considerably, which has also led to an increase in the number of malware and malicious software detected. However, the overall rate of growth of attacks with financial malware was faster and greater than could only be explained by an increase in the number of devices Android. This growth rate is mainly due to Trojan-SMS. We believe that the main reason for their return Trojan-SMS is the appearance of malware capable of both "infection" and theft, even when the "Billing Information" service is applied to the mobile network. For example, we discovered such functionalvulnerability to malicious modifications of malicious programs Opfake.a and Fakeinst. Both are very active representatives of them Trojan-SMS» said Roman Unuchek, Kaspersky Lab's Senior Malware Analyst.
Η Kaspersky Lab διαθέτει εμπειρία πολλών ετών, που χαίρει ιδιαίτερου σεβασμού, στην καταπολέμηση ψηφιακών απειλών εναντίον φορητών συσκευών. Η εμπειρία αυτή αποτελεί τη βάση των λύσεων ασφάλειας της Kaspersky Lab. Για παράδειγμα, στην πλατφόρμα Kaspersky Fraud Prevention περιλαμβάνεται ένα Software Developer Kit για mobile λογισμικό, το οποίο επιτρέπει στις τράπεζες να προστατεύουν τους πελάτες τους από την ηλεκτρονική οικονομική απάτη. Αυτό επιτρέπει στις τράπεζες να δημιουργήσουν mobile banking εφαρμογές που θα είναι ανθεκτικές απέναντι στις ψηφιακές απειλές. Οι λύσεις της Kaspersky Lab για οικιακούς χρήστες, όπως το Kaspersky Internet Security – Multi-Device και το Kaspersky Total Security – Multi-Device, περιλαμβάνουν επίσης εφαρμογές ασφάλειας για τις πιο δημοφιλείς φορητές platforms.
The full text of the "Financial cyberthreats in 2014" survey is available at Securelist.com.
