Mobile cyber-attacks surge as hackers chase banking info
Android users faced six times as many cyber-attacks this year than last, according to a new study. Hackers targeted 588,000 mobile users worldwide between August 2013 and July 2014.
Hackers are increasingly targeting smartphone users to get into
victims’ bank accounts and steal money, according to security
researchers at Kaspersky Lab and Interpol.
Some 60 percent of the malware targeting Android devices was
designed to steal banking details or money, as reported by
Kaspersky, one of the world’s leading cyber security firms.
The biggest number of cyber-attacks came from the Trojan-SMS
malware family, a malicious program which allows hackers access
to user bank card data, in addition to user names and passwords
for online banking services, the study finds. Trojan-SMS accounts
for 57.08 percent of attacks.
“One infection is enough to give cybercriminals access to all
the financial assets of their victims. In the case of Trojan-SMS,
hackers need dozens or even hundreds of successful attacks to
reap tangible benefits,” Roman Unuchek, a senior
anti-malware expert at Kaspersky, explained in the study’s press
release.
The report also warns about the danger of downloading third-party
mobile applications.
“Third party apps pose a security threat to users who enable
the installation of apps from unverified sources. These
unverified packages may carry malware that would be installed on
a device without the user's permission or knowledge," it
said.
Hackers often lure users with malware disguised as free games or
pornography. One new Trojan, masked as a tic-tac-toe application,
covertly steals user data and email correspondence after
installation.
“Such seemingly innocuous apps like tic-tac-toe give
cybercriminals access to a vast amount of both personal and
corporate data,” Anton Kivva, a Kaspersky Lab cyber security
expert, told MR7.
Cybercriminals most frequently targeted those in Russia, but also
waged attacks on users in Ukraine, Spain, the United Kingdom,
Vietnam, Malaysia, Germany, India and France, the survey found.
Over 50 percent of the attacks were registered in Russia.
However, the study points out that this could be because more
Russians granted Kaspersky permission to track their statistics.
The popularity of mobile payment services in Russia may also be
at play. Such payments allow users to pay for services by sending
premium SMSs, providing an avenue for hackers to exploit,
according to the study. Hackers use the apps to manipulate
victims’ devices into sending premium SMSs meanwhile taking a cut
of the profits from affiliate criminal companies on the receiving
end of the messages.
Experts explain that mobile attacks are growing and evolving as
cybercriminals adapt to rising mobile internet use.
“During the past few years we have witnessed the rise of mobile
cyber threats which have become more complex and intelligent
enough to target specific entities. With the mobile market
growing exponentially, it is clearer that these threats are
mutating to include new attack vectors allowing the exploitation
of personal smart devices,” said Madan Oberoi, director of
Cyber Innovation & Outreach at Interpol.
