In exhibition for online banking threats, Kaspersky Lab ενημερώνει ότι το malware που μπορεί να κλέβει χρήματα από τους users online bank accounts has been on the rise. From April 19 to May 19, Kaspersky Lab's solutions blocked 341.216 attempts to install malicious programs of this type on users' computers. This number corresponds to an increase of 36,6% compared to the previous month. Over a third of users attacked by banking malware was in Brazil, the Russia και την Ιταλία. Αυτή η αύξηση πιθανότατα σχετίζεται με την έναρξη της περιόδου των διακοπών, κατά την οποία οι χρήστες χρησιμοποιούν ενεργά ηλεκτρονικές υπηρεσίες και data payments, to carry out online markets every kind.
The chart below depicts the global map based on the number of attacks from a bank malware, per country.
As a rule, digital criminals are trying to steal user bank card details with the help of specialized Trojan programs. From mid-April to mid-May, Zeus (Trojan-Spy.Win32.Zbot) emerged once again as the most widespread Trojan bank. According to Kaspersky Lab's research, this program was involved in 198.200 attacks against customers online banking. About 82.300 people have been attacked by him Trojan-Banker.Win32.CheProand Trojan-Banker.Win32.Lohmys. The above malicious programs are mainly spread through spam emails, with the subject "Online Banking Charges" ("Internet bank charges").
Phishing attacks are another method of banning banking data. At the time of Kaspersky Lab's report, the company's solutions prevented 21,5 from millions of attacks of this kind. Nearly 10% (about 2 million), these attacks were targeted at user bank card data.
Also, this period was marked by the consequences of an event that posed a serious risk to the security of electronic payment systems. This is vulnerability heartbleed, which was found in the popular OpenSSL encryption library. This bug allows attackers to gain unauthorized access to the buffer of a handheld device, such as smartphones, computers, or servers. Heartbleed vulnerability does not leave any trace, and it's still not known what kind of data was stolen and what is its volume. It is noted that most companies doing electronic transactions using the vulnerable version of OpenSSL have recommended their customers to change passwords to their accounts and closely monitor any unusual activity.
"The appearance of Heartbleed triggered a series of data leaks of various kinds in various business areas. This is due to the fact that this has affected the cryptographic "OpenSSL" library, which is used in various software, including bank software, "commented Sergey Golovanov, Principal Security Researcher by Kaspersky Lab. "The absence of an official 'library' update for several hours after the vulnerability was discovered, combined with the fact that there was a delay in installing the update on financial institutions' electronic security systems, led, in some cases, to the leakage of data related to with bank transactions. For this reason, we can expect an increase in illegal transactions in the coming months," he added.
Kaspersky Lab publishes monthly reports on online banking threats within Intelligence Serviceswhich includes the Kaspersky Fraud Prevention platform. The platform offers multi-level protection for electronic payments and prevents online financial frauds. The Kaspersky Fraud Preventionintegratesserver components which are installed on hardware financial institutions,clientterminal applications and specialized information services.
Learn more about its security solution Kaspersky Lab aimed at financial institutions are available on its websiteKaspersky Fraud Prevention.
