Kaspersky Lab researchers have uncovered a worrying rise in malware designed to steal credentials and money from users’ bank accounts: in Q1 2019, researchers found 29,841 files of such malware, up from 18,501 in Q4 2018. Overall, attacks on more than 300,000 users were detected. These are among the main findings of Kaspersky Lab’s IT threat evolution in Q1 2019 report.
Mobile banking Trojans are one of the most rapidly-developing, flexible and dangerous types of malware. They usually steal funds directly from mobile users’ bank accounts, but sometimes their purpose is changed to steal other kinds of credentials. The malware generally looks like a legitimate app, such as a banking application. When a victim tries to reach their genuine bank app, the attackers gain access to that too.
In Q1 2019, Kaspersky Lab detected around 30,000 modifications of various families of banking Trojans, trying to attack 312,235 unique users. What’s more, banking Trojans grew not only in the number of different samples detected – their share of the threat landscape increased as well. In Q4 2018, mobile banking Trojans accounted for 1.85% of of all mobile malware; in Q1 2019, their share reached 3.24%.
While users were subjected to a variety of mobile banking malware families, one was particularly active in the period: a new version of the Asacub malware accounted for 58.4% of all banking Trojans that attacked users. Asacub first appeared in 2015. The attackers spent two years perfecting its distribution scheme and, as a result, the malware peaked in 2018, when it attacked 13,000 users a day. Since then, its rate of spreading has closed down, although it remains a powerful threat: in Q1 2019, Kaspersky Lab detected Asacub targeting on average 8,200 users a day.
“The rapid rise of mobile financial malware is a ..