HomesecurityBanking Trojans: Giant Mobile Cyber ​​Threats

Banking Trojans: Giant Mobile Cyber ​​Threats

For this reason, we can safely say that banking Trojans are the most important threats to mobile as they are over 95% of malware on mobile.

We are in a time when the majority of smartphone users still consider their device "simply a phone," as opposed to PC users who already use at least one basic "safety" against the Trojans.
Today smartphones are complete computers. More specifically, they are risky computers. Where your computer's hard disk may not contain anything worthwhile, your smartphone is likely to contain data that is valuable to both you and cybercriminals.
If you have a smartphone, you probably have a bank card. As banks use your cell phone number to authenticate (send one-time passwords via SMS), it is likely that cyber criminals have attempted to penetrate this communication channel and make payments and transfers from your bank account.

Banking Trojans: Giant Mobile Cyber ​​Threats

For this reason, we can safely say that banking Trojans are the most important threats to mobile as they are over 95% of malware on mobile.
Although Trojans are less dangerous than viruses, as they require user actions to penetrate the systems, there are a number of effective social engineering techniques that drift the user into their activation through false updates.
There are three main methods of banking Trojans that employ:
<br>• Hide the text: Mobile malware hides incoming SMS from banks and then sends them to criminals who then transfer money to their accounts.
<br>• Small circulation of cash: Malware actoers occasionally transfer small amounts of money into account-frauds from the account of an infected user.
<br>• App Mirroring: Malware mobile applications that mimic banks and get the user login credentials from the actual application
The big banks Trojans (over 50%) target Russia and the CIS countries, as well as India and Vietnam. Lately, the new generation of global mobile malware is on the rise.
The grandfather of all mobile bankers Trojans is Zeus, also known as Zitmo (Zeus-in-the-mobile), created by 2010 (Zeus's successor to 2006 computers). This piece of malware has managed to infect over 3.5 millions of devices in the US alone and create the largest botnet of history.
Thanks to Jupiter, scammers managed to escape over 74.000 FTP passwords from various websites (including Bank of America) by changing their password so that they could export credit card data after each payment attempt. Jupiter was very active until the end of 2013, when dethroned by the most sophisticated Xtreme RAT.
With the passage of time we saw bankers Trojans to make their appearance. 2011 saw SpyEye, one of the most successful bankers in history. 2012 another Trojan was found - Carberp. This feature mimicked Android applications of the major Russian banks, Sberbank and Alfa Bank, as they targeted their users in Russia, Belarus, Kazakhstan, Moldova and Ukraine. Surprisingly, the perpetrators were able to publish fake apps on Google Play.
Passing on the latest incidents, 2013 is the Hesperbot who is starting to look for his own victims. This was a malicious software coming from Turkey, and besides the usual problems, this Trojan creates a hidden VNC server in one smartphone, which provided access to an attacker for remote management of the device. In addition, Hesperbot acted not only as a banking Trojan, but also as a thief Bitcoin.
Respectively, 2014 revealed the Android.iBanking source code. IBanking is an end-to-end kit for SMS hi-jacking and remote device management. The publication of the code has led to an increase in infections.
In June of 2015, a new Trojan was discovered in Russia. Android.Bankbot.65.Origin was disguised as a corrected official application of Sberbank Online and offered a "wider range of m-banking features" available after the installation of the "newer version".

Banking Trojans: Giant Mobile Cyber ​​Threats
In fact, the application actually remained a functional m-banking tool, so no user noticed the change. As a result, in July 100.000 Sberbank users reported losses of more than 2 billion rubles. All of them used the fake application "Sberbank Online".
It goes without saying that the history of bankers Trojans is still written: more and more new applications are being created and increasingly efficient techniques are used by attackers to drag users into their trap. So, it's time to protect your smartphone properly!


Please enter your comment!
Please enter your name here