Menu
Banking Exchange Magazine Logo
Menu

Cyber attacks tripled on Android in 2014

3 specific malwares account for most attacks

  • |
  • Written by  Website Staff
  • |
  • Comments:   DISQUS_COMMENTS
Cyber attacks tripled on Android in 2014

The number of financial malware attacks striking Android users rose more than threefold in 2014, Kaspersky Lab says.

Following an initial decrease in March 2014, Kaspersky Lab researchers registered a significant increase in the number of attacks by Trojan-SMS malware during the second half of the year.

Key findings include:

Financial targeting. 48.15% of the attacks against users of Android-based devices, that were blocked by Kaspersky Lab products, used malware targeting financial data (Trojan-SMS and Trojan-Banker).

2014 blows away earlier levels. The number of financial attacks against Android users in 2014 increased 3.25 times—up from 711,993 to 2,317,194 attacks—compared with 2013, and the number of users attacked rose 3.64 times (up from 212,890 to 775,887).

Tripling from a triple-threat. 98.02% of all attacks by Android banking malware were accounted for by only three malicious families.

Why Android’s a target

Android is one of the most popular mobile operating systems in the world, attracting the attention of cybercriminals targeting users’ private information and money. During 2014, Kaspersky Lab’s Android products blocked a total of 2,317,194 financial attacks against 775,887 users around the world. The lion’s share of these attacks (2,217,979 attacks against 750,327 users) used Trojan-SMS malware, and the rest (99,215 attacks against 59,200 users) used Trojan-Banker malware.

Although the Trojan-Banker contribution to the overall volume of financial attacks against Android users is relatively small, it continues to grow. During the year, Kaspersky Lab products detected 20 different malicious Trojan-Banker programs.

But there were only three “star” performers among them: Faketoken, Svpeng, and Marcher. Svpeng and Marcher are capable of stealing credentials for online banking as well as credit card information by replacing the authentication fields of mobile banking apps and app stores apps on an infected device. Faketoken is made for intercepting mTAN codes used in multifactor authentication systems and forwarding it to criminals. These three families accounted for 98.02% of all Trojan-Banker attacks.

Profile of attacks

In the spring of 2014, Kaspersky Lab researchers noticed a significant decrease in the number of attacks by Trojan-SMS malware. One possible reason for this fall was the introduction by mobile-phone operators in Russia (the main source of Trojan-SMS threat) of an Advice of Charge (AoC) mechanism. This means that every time a customer (or an SMS Trojan) attempts to send a message to a premium number, the operator notifies the customer how much the service will cost and requests additional confirmation from the user.

The decrease ended in July and was followed by a steady increase throughout the rest of the year. The growth sped up in December, which is traditionally a high season for online shopping and online payment transactions, driving an increase in criminals targeting financial data.

back to top

Sections

About Us

Connect With Us

Resources

Webinar: From KYC to IDV

How three leading banks are utilizing cutting-edge
digital tools to onboard, win, and wow customers

Time/Date: June 23, 2021 11:00 a.m. ET

Digital adoption, already moving at warp speed, accelerated seven years into the future during the COVID-19 pandemic. As the number of bank branches continues to fall, with at least one study predicting all branches will disappear by 2034 (Fox Business) and foot traffic declining (Vox), today’s most innovative banks are charting a new, digital-first path to win over customers while increasing security, meeting KYC compliance requirements, and winning customers to drive revenue.

In this webinar, you’ll hear from John Baird, Founder & CEO of Vouched, Tyler Crawford, COO of Bankers Healthcare Group, Anand Sathiyamurthy, CPO of Flagstar Bank and Daniel Sheehan, Chairman & CEO of Professional Bank as they describe their vision for digital transformation and how customer expectations are changing to digital first. They’ll also explore how fostering an innovation mindset creates new ways to tackle complex KYC problems and allows them to quickly compete in new markets and win customers.

REGISTER NOW!

This webinar is brought to you by:
Vouched Logo