跳到主体内容

The Number of Financial Attacks Against Android Users Tripled in 2014

2015年3月5日

The Kaspersky Lab study ‘Financial Cyberthreats in 2014’ reports that the number of financial malware attacks against Android users grew by 3.25 times in 2014.

The Kaspersky Lab study ‘Financial Cyberthreats in 2014’ reports that the number of financial malware attacks against Android users grew by 3.25 times in 2014. Following an initial decrease in March 2014, Kaspersky Lab researchers registered a significant increase in the number of attacks by Trojan-SMS malware during the second half of the year.

  • 48.15% of the attacks against users of Android-based devices, that were blocked by Kaspersky Lab products, used malware targeting financial data (Trojan-SMS and Trojan-Banker);
  • The number of financial attacks against Android users in 2014 increased 3.25 times (from 711,993 to 2,317,194 attacks) compared with 2013, and the number of users attacked rose 3.64 times (up from 212,890 to 775,887);
  • 98.02% of all attacks by Android banking malware were accounted for by only three malicious families.

Android is one of the most popular mobile operating systems in the world, and therefore attracts the attention of cybercriminals targeting users’ private information and money. During 2014, Kaspersky Lab’s Android products blocked a total of 2,317,194 financial attacks against 775,887 users around the world. The lion’s share of these (2,217,979 attacks against 750,327 users) used Trojan-SMS malware, and the rest (99,215 attacks against 59,200 users) used Trojan-Banker malware.

Financial attacks against users of Android-based devices in 2014

Although the Trojan-Banker contribution to the overall volume of financial attacks against Android users is relatively small, it continues to grow. During the year Kaspersky Lab products detected 20 different malicious Trojan-Banker programs. But there were only three star performers among them: Faketoken, Svpeng and Marcher. Svpeng and Marcher are capable of stealing credentials for online banking as well as credit card information by replacing the authentication fields of mobile banking apps and app stores apps on an infected device. And Faketoken is made for intercepting mTAN codes used in multifactor authentication systems and forwarding it to criminals. These three families accounted for 98.02% of all Trojan-Banker attacks.

Trojan-SMS comeback

In spring 2014, Kaspersky Lab researchers noticed a significant decrease in the number of attacks by Trojan-SMS malware. One possible reason for this fall was the introduction by mobile-phone operators in Russia (the main source of Trojan-SMS threat) of an Advice of Charge (AoC) mechanism. This means that every time a customer (or an SMS Trojan) attempts to send a message to a premium number, the operator notifies the customer how much the service will cost and requests additional confirmation from the user.

The decrease ended in July and was followed by a steady increase throughout the rest of the year. The growth speeded up in December, traditionally a “high” season for online shopping and online payment transactions and for criminals targeting financial data.

"During the year our cumulative Android user base grew significantly, which led to a rise in the number of financial malware detections and affected users. However, the overall growth rate of attacks with financial malware was faster and greater than could be explained by the increased number of Android devices alone. This growth rate is mainly down to Trojan-SMS. We believe that the main reason of the Trojan-SMS comeback is the appearance of malware capable of infection and theft even with AoC implemented in the cellular network. For example, we discovered such functionality in Opfake.a and Fakeinst malware modifications. Both are very active Trojan-SMS representatives," - said Roman Unuchek, Senior Malware Analyst at Kaspersky Lab.

Read the full text of the ‘Financial Cyberthreats in 2014’ study on Securelist.com

Kaspersky Lab has many years of highly respected experience in combating mobile cyberthreats. This experience underpins Kaspersky Lab’s security solutions. For example, a mobile software developer kit is included in the Kaspersky Fraud Prevention platform that enables banks to protect their customers from online financial fraud. This allows banks to create mobile banking applications that are resilient to cyberthreats. Kaspersky Lab’s solutions for home users, such as Kaspersky Internet Security – Multi-Device and Kaspersky Total security – Multi-Device, also include security applications for the most popular mobile platforms.

The Number of Financial Attacks Against Android Users Tripled in 2014

The Kaspersky Lab study ‘Financial Cyberthreats in 2014’ reports that the number of financial malware attacks against Android users grew by 3.25 times in 2014.
Kaspersky logo

关于卡巴斯基

卡巴斯基是一家成立于1997年的全球网络安全和数字隐私公司。卡巴斯基不断将深度威胁情报和安全技术转化成创新的安全解决方案和服务,为全球的企业、关键基础设施、政府和消费者提供安全保护。公司提供全面的安全产品组合,包括领先的端点保护解决方案以及多种针对性的安全解决方案和服务,以及用于应对复杂和不断变化的数字威胁的网络免疫解决方案。全球有超过4亿用户使用卡巴斯基技术保护自己,我们还帮助全球200,000家企业客户保护最重要的东西。要了解更多详情,请访问www.kaspersky.com.cn.

相关文章 企业新闻