by September 9, 2013 0 comments

Increased online banking threats and availability of sophisticated, inexpensive malware toolkits are among the growing concerns cited in Trend Micro’s Q2 2013 Security Roundup Report. The report warns users about the increasing hazards of online banking. The online banking malware saw 29 percent increase from the previous quarter- from 113,000 to 146,000 infections.

More online banking threats were seen in different countries this quarter, specifically in Brazil, South Korea, India and Japan. These highlighted the need for increased awareness of online banking security. Cybercriminals also came up with more diverse attacks that used various social engineering lures, single sign-on (SSO) and multiprotocol services, and blogging platforms for their malicious schemes.

The FAKEBANK malware spotted this quarter spoofs legitimate apps. It contains specific Android application package files (APKs), which it copies to a device’s Secure Digital (SD) card. Using the APK files, the malware displays icons and a user interface that imitates legitimate banking apps. This technique is reminiscent of PC banking Trojans that monitor users’ browsing behaviors and spoofs banking sites.

As predicted, cybercriminals have not generated completely new threats and instead opted to repackage old ones. The online banking malware volume significantly increased this quarter due in part to the rise in the ZeuS/ZBOT malware volume in the wild. Online banking threats are spreading across the globe and are no longer concentrated in certain regions like Europe and the Americas.

In the cybercriminal underground, the CARBERP source code was “leaked,” making the creation of banking Trojans even easier to do for bad guys. Meanwhile, other online banking Trojan toolkits like ZeuS, SpyEye, and Ice IX are already available for free, making it easier for any skilled hacker to obtain their source codes.

For full Q2 Report, please click on the link: http://about-threats.trendmicro.com/us/security-roundup/2013/2Q/mobile-threats-in-full-throttle/

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.

Your data will be safe!Your e-mail address will not be published. Also other data will not be shared with third person.