- CyberCrime Center
April 18, 2014
A new study, “Financial Cyber Threats in 2013,” from Kaspersky Lab says cyberattacks using financial malware increased 27.6 percent in 2013 over the previous year.
Cybercriminals used every possible maltechnology (yes we just coined the word) including banking Trojans, keyloggers and two new types of malware; one targets Bitcoin wallets, the other downloads software to generate the crypto-currency.
Kaspersky Lab senior security researcher, Sergey Lozhkin, said, “The popularity of banking Trojans and other programs targeting financial data is due to the fact cybercriminals can use them to make money quickly. The current situation has forced users and financial institutions to take active measures against online threats, while security software vendors have to develop new protection solutions.”
Banking Trojans such as Zbot, Carberp, and SpyEye were responsible for about two-thirds of financial malware in 2013. However, their “market share” decreased compared to 2012 because most of the attacks were aimed at Bitcoin users. Keylogger use also decreased because cybercriminals opted for improved specialized programs.
Compared to the previous year, financial attacks on Russian users declined by 9.19 percent while attacks on American users increased from 17.56 percent in 2012 to 30.8 percent in 2013. The proportion of attacks on German users almost doubled from 5.83 percent to 9.32 percent.
Also of note in the study:
• 31.45% of all phishing attacks in 2013 targeted financial institutions.
• 22.2% of all attacks involved fake bank websites; the share of banking phishing doubled over 2012.
• In 2013, the number of cyberattacks involving malware designed to steal financial data rose by 27.6% to 28.4 million. The number of users attacked by this financial-targeting malware reached 3.8 million, an 18.6% increase year on year.
• In the study’s malware sample collection, the number of malicious Android applications designed to steal financial data rose almost fivefold in the second half of 2013, from 265 samples in June to 1321 in December.
ThreatMetrix® builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 500 million monthly transactions and protects more than 160 million active user accounts across 2,500 customers and 10,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.
Posted by Dan Rampe
Tags: Account Takeover, Account Takeover Fraud, Bank Fraud, Botnets, Building Trust on the Internet, CNP fraud, Context-Based Authentication, Cookieless Device Identification, Credit Card Fraud, Cyber attacks, Data Breach, Device Detection, Device Fingerprint, Device Fingerprinting, Device ID, Device Identification, Fraud Prevention, Hacking, Identity Spoofing, Identity theft, Malware, Malware Detection, Malware Protection, Man-in-the-Browser Detection, MitB, Mobile fraud, Online Fraud, Phishing, Phishing Detection, PII, ThreatMetrix, ThreatMetrix Cybercrime Index, ThreatMetrix Global Trust Intelligence Network, Trust Tags, TrustDefender Cybercrime Protection Platform, Web Fraud