A new Symantec report shows India ranks fifth in the list of the countries infected by financial Trojans in 2014, moving up from the seventh rank in 2013. According to an update to its whitepaper on the “State of Financial Trojans,” Symantec says financial Trojans decreased by 53 percent in 2014 largely due to takedown and arrest operations. India, however, suffered a total of 1,77,000 compromised computers.
The report points out that financial trojans that intercept and redirect transactions from online banking sessions have always been popular among cybercriminals. These campaigns will probably remain prevalent for the foreseeable future, as attacks against banking customers are still successful in many cases.
It goes on to say that financial malware has evolved to bypass newer security measures, such as two-factor authentication (2FA) and mobile banking, in order to steal money from unsuspecting users. Symantec has seen attackers continue to target high-profile targets, and shift focus to new platforms like bitcoin and mobile payments.
Other notable findings from the Symantec State of Financial Trojans 2014 whitepaper include:
· Around 1,467 financial institutions in 86 countries are targeted with financial Trojans
· Attackers are focusing on new targets outside of online banking, such as Boleto, Bitcoin, and password managers.
· India ranks 5th among countries with most financial Trojan Infections, moving up from rank 7 in 2013
· Stolen bank accounts are sold for 5-10 percent of the balance value on underground cybercrime forums.
· The trend of mobile malware intercepting text messages and gathering 2FA credentials continued in 2014
Number of global infections of common financial Trojans in 2014
The latest report corroborates some of the earlier reports that cyber criminals are targeting banking and financial institutions. F-Secure reveals that a ‘Ramnit’ malware steals bank user names and passwords and it mostly spreads through USB removable drives.
McAfee also pointed out that developers have been slow to address security concerns amid rising threat from cyber criminals.