Revealing a worrying global trend, security researchers have found that malware files designed to steal credentials and money from users' bank accounts rose to around 30,000 in the first quarter of 2019, up from 18,500 in the previous quarter, a growth of over 60 per cent.
Mobile banking Trojans are one of the most rapidly-developing, flexible and dangerous types of malware, said the report from cyber security firm Kaspersky Lab.
They usually steal funds directly from mobile users' bank accounts, but sometimes their purpose is changed to steal other kinds of credentials.
The malware generally looks like a legitimate app, such as a banking application. When a victim tries to reach their genuine bank app, the attackers gain access to that too.
In Q1 2019, Kaspersky Lab detected around 30,000 modifications of various families of banking Trojans, trying to attack 312,235 unique users.
"The rapid rise of mobile financial malware is a troubling sign, especially since we see how criminals are perfecting their distribution mechanisms," Victor Chebyshev, a security researcher at Kaspersky Lab, said in a statement.
"For example, a recent tendency is to hide the banking Trojan in a dropper - the shell that is supposed to fly to the device under the security radar, releasing the malicious part only upon arrival," Chebyshev added.
A new version of the Asacub malware accounted for 58.4 per cent of all banking Trojans that attacked users, said the report.
Asacub first appeared in 2015. The attackers spent two years perfecting its distribution scheme and, as a result, the malware peaked in 2018, when it attacked 13,000 users a day.
Since then, its rate of spreading has closed down, although it remains a powerful threat - in Q1 2019, Kaspersky Lab detected Asacub targeting 8,200 users a day on average.
To reduce the risk of infection with banking Trojans, users should install applications only from trusted sources, ideally from the official app store, said the security researchers.
Kaspersky Lab said its solutions detected and repelled 843,096,461 malicious attacks from online resources located in 203 countries around the world.
--IANS
gb/mag/
Disclaimer: No Business Standard Journalist was involved in creation of this content
You’ve reached your limit of {{free_limit}} free articles this month.
Subscribe now for unlimited access.
Already subscribed? Log in
Subscribe to read the full story →
Smart Quarterly
₹900
3 Months
₹300/Month
Smart Essential
₹2,700
1 Year
₹225/Month
Super Saver
₹3,900
2 Years
₹162/Month
Renews automatically, cancel anytime
Here’s what’s included in our digital subscription plans
Exclusive premium stories online
Over 30 premium stories daily, handpicked by our editors
Complimentary Access to The New York Times
News, Games, Cooking, Audio, Wirecutter & The Athletic
Business Standard Epaper
Digital replica of our daily newspaper — with options to read, save, and share
Curated Newsletters
Insights on markets, finance, politics, tech, and more delivered to your inbox
Market Analysis & Investment Insights
In-depth market analysis & insights with access to The Smart Investor
Archives
Repository of articles and publications dating back to 1997
Ad-free Reading
Uninterrupted reading experience with no advertisements
Seamless Access Across All Devices
Access Business Standard across devices — mobile, tablet, or PC, via web or app