Online bank accounts targeted over 5m times
KSN blocks 6 mln attempts in Q3
DUBAI, Nov 11: In its Q3 IT Threat Evolution report, Kaspersky Lab has published the details of the key security incidents of the quarter. Using statistics from the Kaspersky Security Network (KSN), which obtains information from millions of Kaspersky Lab product users in 213 countries, the report sheds light on the increase in mobile threats, the attempted theft of money from online bank accounts and targeted cyberattacks in the evolving threat landscape.
In Q3 2015, Kaspersky Lab’s solutions blocked almost 626,000 attempts to launch malware capable of stealing money via access to users’ online banking. This number is 17.2% lower than in the second quarter of the year, although it is a 5.7% increase since Q3 2014.
During the quarter, there were 5.68 million notifications about attempted malware infections to steal money from users via online access to bank accounts.
Amongst surveyed countries, UAE stood in the 9th place with 2.54% of its users attacked by banking Trojans.
Most of the countries in the top 10 (including UAE) have significant numbers of online banking users, attracting cyber criminals. Of the malware used to target online banking users, Trojan-Downloader.Win32.Upatre was the most prevalent, being used in 63.1% of attacks in an attempt to steal users’ payment details.
323,374 new malicious mobile programs were detected by Kaspersky Lab mobile security products in Q3. This is a 10.8% increase on Q2 2015 and a 3.1-fold increase since Q1 2015.
There were more than 1.5 million malicious packages installed on mobiles during the quarter, 1.5 times more than in the previous quarter.
Displaying adverts to users has remained the main method of making money from mobile threats. During the quarter, Kaspersky Lab observed a growing number of programs that used advertising in this way. They often root the device of a victim and use super user privileges, making it very difficult to combat them. In Q3 2015, these Trojans accounted for more than half the most popular mobile malware.
In Q3, the Kaspersky Lab Global Research and Analysis Team (GReAT) researched a number of sophisticated cyber espionage campaigns. Amongst others, these included investigating the Turla group, which makes use of satellite communications to manage its command-and-control servers’ traffic for subsequent operations, the Darkhotel APT, which infiltrates hotel Wi-Fi networks to place backdoors on target computers, and the Blue Termite APT, which focuses on stealing information from organisations in Japan. Kaspersky Lab also worked on a joint investigation with the Dutch National High Tech Crime Unit (NHTCU) and Panda Security, resulting in the arrest of two suspects, who are believed to be involved in the Coin Vault ransom ware attacks.