Kaspersky, a cybersecurity firm, says the number of mobile financial attacks it detected in the first half of the year rose by 107 per cent.
The firm said it observed that attackers perpetuated their acts using pseudo names of prominent financial services and banks in its latest financial threat report.
Analysts at the company said they discovered 3.7 million mobile financial attacks from January to June this year and found 438,709 unique users attacked by mobile Trojan bankers.
“The number of mobile financial attacks in the first half of 2019 was 3,730,378 – 107 per cent more than in the first half of 2018. In the first half of 2019, attackers actively used the names of the largest financial services and banking organisations to attack mobile platform users. Researchers found 438,709 unique users attacked by mobile Trojan bankers. For comparison, in the first half of 2018, the number of attacked users was 569,057, a decrease of 23 per cent” the report stated.
Findings by Kaspersky showed the activity of a bank Trojan called Asacub banker, which attacked an average of 40,000 people per day, peaked rapidly in the second half of 2018 and reduced in half year 2019.
The report said, “The number of attacked users and detected attacks peaked rapidly in the second half of 2018; 1,333,410 users were attacked and there were 10,256,935 attacks. The reason behind this is the rapid growth in activity of the Asacub banker trojan and an increase in the distribution of the Svpeng banker trojan.
“As it can be seen from Kaspersky’s records during this period, the number of Asacub attacks peaked in the second half of 2018, multiplying almost a thousand times, comparing to figures of H1 2018. However, the epidemics then calmed in H1 2019.”
The cybersecurity firm identified another malware, Anubis Trojan, which intercept data for access to services of large financial organisations and two-factor authentication data in order to extort money from users.
The firm described the banking Trojan as one that spreads via instant e-messaging apps such as WhatsApp and sends a link to the victim’s contact list.
According to the report, Anubis is known to be one of the first threats in which comments on the YouTube platform are used as a command centre.
Explaining how it works, Kaspersky said, “This usually works in the following way: malware writers create a video on Youtube and write a description or comment containing a command. Malware then connects to this video page, reads the description or comment and executes the command.”
To guard against financial attacks, the Kaspersky advised users to install applications only from trusted sources such as official stores and check what access rights and permissions the application requests.
It warned users not to follow links in spam messages, not to open documents attached to them and to always use a reliable security solution, including on mobile devices.