Ransomware threatens mobile payments
Mobile financial threats are now among the ranks of the top ten malicious programs that were created to steal money, according to new data from Kaspersky Lab.
In its latest security bulletin about the trends in 2015, it dives into what it calls the “rapid spread of ransomware,” which Kaspersky Lab reported being found in 200 countries and territories alone in 2015. But that’s not to say traditional financial cybercrime has gone down.
Kaspersky’s data shows that its lab solutions blocked “almost 2 million” attempts to launch malware that the firm says is capable of stealing money through online banking using computers. This was a 2.8 percent increase from the year prior.
During the year, Kaspersky identified two families of mobile banking Trojans that were prevalent. One in particular (Marcher family) works to steal payment credentials from Android devices. When the user attempts to start an app that has been infected, the Trojan shows what Kaspersky calls a “false window” that asks for credit card details. Those are then sent onto the hackers to steal the data.
“This year, cybercriminals focused time and resources in developing malicious financial programs for mobile devices. This is not surprising as millions of people worldwide now use their smartphone to pay for services and goods. Based on current trends, we can assume that next year, mobile banking malware will account for an even greater share,” Yury Namestnikov, senior security researcher at Global Research and Analysis Team for Kaspersky Lab, wrote in a company news release.
Kaspersky’s data also showed that ransomeware has expanded greatly this year to new devices, as its data shows that only 17 percent of ransomeware attacks involve Android devices. Another trend identified by the firm: the number of users attacked by encryption ransomware (up 48.3 percent from 2014).
Other trends in cybercriminal activity highlighted by Kaspersky Lab include:
Cybercriminals looking to minimize the risk of criminal prosecution switched from malware attacks to the aggressive distribution of adware. In 2015, adware accounted for 12 of the top 20 Web-based threats. Advertising programs were registered on 26.1 percent of user computers.
Kaspersky Lab also observed new techniques for masking exploits, shellcodes and payloads to make the detection of infections and analysis of malicious code more difficult. Specifically, cybercriminals used the Diffie-Hellman encryption protocol and concealed exploit packs in Flash objects.
Cybercriminals made active use of Tor anonymization technology to hide command servers and used bitcoins for making transactions.