Kaspersky Lab have uncovered a significant rise in malware designed to steal credentials and money from users’ bank accounts. In Q1 2019, company researchers detected 29,841 different malicious mobile banking Trojans circulating online, up from 18,501 in Q4 2018.
Mobile banking Trojans are one of the most rapidly developing, flexible and dangerous types of malware. They typically steal funds directly from consumers’ bank accounts, but sometimes their purpose is changed to steal other kinds of credentials. The malware looks like a legitimate application, such as a banking app. When a victim tries to reach their actual bank app, the attackers gain access to that, too.
In Q1 2019, Kaspersky Lab detected a 58% increase in modifications of banking Trojan families, used in attacks on 312,235 unique users. Banking Trojans grew not only in the number of different samples detected, but their share of the threat landscape increased as well. In Q4 2018, mobile banking Trojans accounted for 1.85% of all mobile malware; in Q1 2019, their share reached 3.24%.
While users were subjected to a variety of mobile banking malware families, one was particularly active in the first quarter of 2019: a new version of the Asacub malware accounted for 58.4% of all banking Trojans that attacked users. Asacub first appeared in 2015, and the attackers subsequently spent two years perfecting its distribution scheme. As a result, the malware peaked in 2018, when it attacked 13,000 users a day. Since then, its distribution rate has slowed, although it remains a powerful threat. In Q1 2019, Kaspersky Lab detected Asacub targeting 8,200 users a day on average.
Other statistics from Kaspersky’s report:
-Kaspersky Lab solutions detected and repelled 947,027,517 malicious attacks from online resources located in 203 countries around the world.
-Web antivirus components recognized 246,695,333 unique URLs as malicious.
-Attempted infections by PC malware that aims to steal money via online access to bank accounts were registered on 305,315 user computers.
-Kaspersky Lab’s file antivirus detected a total of 239,177,356 unique malicious and potentially unwanted objects.
To reduce the risk of infection by a banking Trojan, Kaspersky Lab advises the following:
Install applications only from trusted sources, and ideally, only from the official app store.
Check permissions requested by any app that you download. If they do not correspond with the app’s task (e.g. a reader asks to access your messages and calls), this can be a sign of a suspicious app.
Use a robust security solution on your mobile device to protect you from malicious software and its actions, such as Kaspersky Internet Security for Android.