Mobile cyber-attacks surge as hackers chase banking info

Mobile cyber-attacks surge as hackers chase banking info
Android users faced six times as many cyber-attacks this year than last, according to a new study. Hackers targeted 588,000 mobile users worldwide between August 2013 and July 2014.

Hackers are increasingly targeting smartphone users to get into victims’ bank accounts and steal money, according to security researchers at Kaspersky Lab and Interpol.

Some 60 percent of the malware targeting Android devices was designed to steal banking details or money, as reported by Kaspersky, one of the world’s leading cyber security firms.

The biggest number of cyber-attacks came from the Trojan-SMS malware family, a malicious program which allows hackers access to user bank card data, in addition to user names and passwords for online banking services, the study finds. Trojan-SMS accounts for 57.08 percent of attacks.

“One infection is enough to give cybercriminals access to all the financial assets of their victims. In the case of Trojan-SMS, hackers need dozens or even hundreds of successful attacks to reap tangible benefits,” Roman Unuchek, a senior anti-malware expert at Kaspersky, explained in the study’s press release.

The report also warns about the danger of downloading third-party mobile applications.

“Third party apps pose a security threat to users who enable the installation of apps from unverified sources. These unverified packages may carry malware that would be installed on a device without the user's permission or knowledge," it said.

Hackers often lure users with malware disguised as free games or pornography. One new Trojan, masked as a tic-tac-toe application, covertly steals user data and email correspondence after installation.

“Such seemingly innocuous apps like tic-tac-toe give cybercriminals access to a vast amount of both personal and corporate data,” Anton Kivva, a Kaspersky Lab cyber security expert, told MR7.

Image from http://securelist.com


Cybercriminals most frequently targeted those in Russia, but also waged attacks on users in Ukraine, Spain, the United Kingdom, Vietnam, Malaysia, Germany, India and France, the survey found.

Over 50 percent of the attacks were registered in Russia. However, the study points out that this could be because more Russians granted Kaspersky permission to track their statistics.

The popularity of mobile payment services in Russia may also be at play. Such payments allow users to pay for services by sending premium SMSs, providing an avenue for hackers to exploit, according to the study. Hackers use the apps to manipulate victims’ devices into sending premium SMSs meanwhile taking a cut of the profits from affiliate criminal companies on the receiving end of the messages.

Experts explain that mobile attacks are growing and evolving as cybercriminals adapt to rising mobile internet use.

“During the past few years we have witnessed the rise of mobile cyber threats which have become more complex and intelligent enough to target specific entities. With the mobile market growing exponentially, it is clearer that these threats are mutating to include new attack vectors allowing the exploitation of personal smart devices,”
said Madan Oberoi, director of Cyber Innovation & Outreach at Interpol.