Two leading banking Trojans christened – Gozi Trojan and Nymaim Trojan, collaborates to make the top 10 ranking financial malware.
According to the results of Kaspersky Lab’s IT threat evolution Report for Q2 – Turkey became the country most attacked by this type of malware: 3.45% of Kaspersky Lab product users in the country encountered such an online threat during the quarter. Russia was in second place, the target of 2.9% of online threats, followed by Brazil with 2.6%. The Olympic Games are likely to push Brazil up the attack list in Q3.
During the last quarter, Kaspersky Labs alone acclaims to have blocked 1,132,031financial malware attacks on users, plunging a 15.6% rise compared to the previous quarter.
In its latest report the company asserts banking trojans to be the most dangerous online threats – because the malware propagate via compromised or fraudulent websites and spam emails mimicking the users. It also lands the users to an official online banking page in an attempt to steal users’ personal information, such as bank account details, passwords, or payment card details.
“Financial malware are still active and developing rapidly. New banking Trojans have significantly extended their functionality by adding new modules, such as ransomware. If criminals do not succeed in stealing users’ personal data, they will encrypt it and demand a ransom. Yet another example is the Neurevt Trojan family. This malware was used not only to steal data in online banking systems, but also to send out spam. We at Kaspersky Lab are responding to this situation by expanding and sharpening the way we detect and classify financial malware – so that we can block it even faster,” notes Denis Makrushin, Security expert at Kaspersky Lab.
Other online threat statistics from the Q2, 2016 report include:
- In total, in Q2 Kaspersky Lab products blocked 171,895, 830 online attacks against users.
- Malware originated in 191 countries, although an overwhelming 81% came from just ten countries, led by the USA, (35.4%) Russia (10.3%) and Germany (8.9%).
- 54,539,948 unique URLs were recognized as malicious by the company’s security solutions, a 17% decrease on the same quarter in 2015.
- Every fifth PC user faced web-attack at least during the quarter.
- Kaspersky Lab products detected 16,119,489 unique malicious objects: scripts, exploits, executable files, etc.
- The safest countries for online activity were Canada (15%), Romania (14.6%) and Belgium (13.7%), while the countries at highest risk of Internet infection were Azerbaijan (32.1%), Russia (30.8%) and China (29.4%).
To mitigate the risk of infection, users are advised to:
- Use robust security solutions and make sure they keep your software up to date.
- Regularly run a system scan to check for possible infection.
- Stay wise while online. Do not enter personal information into a website if you are at all unsure or suspicious.
To all the security hullaballoo, the main culprits are sought to be the Gozi and Nymaim banking Trojans, with the authors of both joining forces. The Nymain Trojan was initially designed as ransomware, blocking access to users’ valuable data and then demanding a ransom to unblock it. However, the latest version includes banking Trojan functionality from Gozi source code that provides attackers with remote access to victims’ PCs.
Read the full version of the Kaspersky Lab’s IT threat evolution in Q2 Report at Securelist.com.