29,841 files of the malware in Q1 of 2019 were found, which is up from 18,501 in Q4
Kaspersky Lab, a cybersecurity and anti-virus company, has revealed a rise in a specific malware intended to steal money and credentials from people’s bank accounts.
29,841 files of the malware in Q1 of 2019 were found, which is up from 18,501 in Q4, according to Kaspersky’s Q1, 2019 IT threat evolution report. Attacks on upwards of 300,000 users were detected.
“Mobile banking Trojans are one of the most rapidly-developing, flexible and dangerous types of malware. They usually steal funds directly from mobile users’ bank accounts, but sometimes their purpose is changed to steal other kinds of credentials,” the company said. “The malware generally looks like a legitimate app, such as a banking application. When a victim tries to reach their genuine bank app, the attackers gain access to that too.”
Around 30,000 modifications of different families of banking Trojans were detected, which were trying to attack 312,235 users, according to Kaspersky Lab. In Q4 of 2018, mobile Trojans made up 1.85% of all mobile malware while in 2019 they’ve reached 3.24%.
“While users were subjected to a variety of mobile banking malware families, one was particularly active in the period: a new version of the Asacub malware accounted for 58.4% of all banking Trojans that attacked users. Asacub first appeared in 2015,” the company said. “The attackers spent two years perfecting its distribution scheme and, as a result, the malware peaked in 2018, when it attacked 13,000 users a day. Since then, its rate of spreading has closed down, although it remains a powerful threat: in Q1 2019, Kaspersky Lab detected Asacub targeting on average 8,200 users a day.”
As per Victor Chebyshev, a security researcher at Kaspersky Lab, the attacks are becoming more sophisticated by the day.
“The rapid rise of mobile financial malware is a troubling sign, especially since we see how criminals are perfecting their distribution mechanisms. For example, a recent tendency is to hide the banking Trojan in a dropper — the shell that is supposed to fly to the device under the security radar, releasing the malicious part only upon arrival,” he said.