Trojans targeting financial institutions have become one of the most prevalent threats on the internet today. A successful compromise of an online bank account can be very profitable for the attacker. Some financial threat families are constantly being updated and adapted to thwart newer protection methods, and enjoy great popularity among cybercriminals.
Symantec today released a new blog and update to its whitepaper on the “State of Financial Trojans,” showing that financial Trojans decreased by 53 percent in 2014 largely due to takedown and arrest operations. However, with a total of 1,77,000 compromised computers, India is the country with the fifth most financial Trojan infections in 2014, moving up from the seventh rank in 2013.
Financial Trojans that intercept and redirect transactions from online banking sessions have always been popular among cybercriminals. These campaigns will probably remain prevalent for the foreseeable future, as attacks against banking customers are still successful in many cases. Today’s financial malware has evolved to bypass newer security measures, such as two-factor authentication (2FA) and mobile banking, in order to steal money from unsuspecting users. Symantec has seen attackers continue to target high-profile targets, and shift focus to new platforms like bitcoin and mobile payments.
Other notable findings from the Symantec State of Financial Trojans 2014 whitepaper include:
* Around 1,467 financial institutions in 86 countries are targeted with financial Trojans
* Attackers are focusing on new targets outside of online banking, such as Boleto, Bitcoin, and password managers.
* India ranks 5th among countries with most financial Trojan Infections, movingup from rank 7 in 2013
* Stolen bank accounts are sold for 5-10 percent of the balance value on underground cybercrime forums.
* The trend of mobile malware intercepting text messages and gathering 2FA credentials continued in 2014.