Malware authors join forces to increase finance attacks threats by 16%

By Kaspersky Lab, The threat of financial malware has taken a huge step forward as the creators of successful Trojans, Gozi and Nymaim, join forces. According to the...

By Kaspersky Lab,

The threat of financial malware has taken a huge step forward as the creators of successful Trojans, Gozi and Nymaim, join forces. According to the IT Threat Evolution Report published by Kaspersky Lab, these two viruses are now ranked in the Top 10 most dangerous financial malware threats.

Malware of this kind represents the most dangerous online threat and targets personal banking information by mimicking legitimate sites to steal personal information including credit/debit card details, personal account information and passwords. These Trojans are spread in a variety of ways including spam emails, hacked websites and fraudulent links. Once active, they infect a user’s device to compromise the security of their system, usually without the knowledge of the user until it is too late.

In Q2 of 2016 Kaspersky Labs blocked 1,132,032 financial malware attacks which represents a rise of 15.6% on Q1 with the results for Q3 expected to be a further rise.

The attacks have been global with Turkey representing the greatest number of attacks by volume (3.45%) followed by Russia (2.9%) and Brazil (2.6%). The safest five countries (or those that had the fewest such incidences blocked by Kaspersky Labs products) were Canada, USA, France, The Netherlands and Great Britain.

The attacks during this quarter originate from a staggering 191 different countries although over eight out of ten strikes came from one of just ten locations; the USA, Russia and Germany being the three biggest culprits as sources of the viruses.

The increase in incidences has been a direct result of the evolution of the Nymaim banking Trojan. Originally a ransomware threat, the authors have improved the functionality of the virus by harnessing the source code from the Gozi Trojan to create a piece of malware that allows criminals to remotely access a victims device. The combination of the two has enhanced the sophistication of the threat and renders it more harmful, more successful and less easy to block without up-to-date systems. The current generation Gozi and Nymaim has been enough to boost them into second and sixth place (respectively) of the global financial malware threat ratings list. Zbot still tops the charts and represents over 15% of the such attacks suffered by users.

In the three months April to June, users of Kaspersky Lab products were protected from an estimated 171,895,830 online attacks.

The quarterly results make alarming reading and suggest that at least one in five PC users were targeted.

The fact that these findings are published as a result of Kaspersky Labs preventative measures shows that networks are vulnerable but that cyber defence systems are working. However, businesses that operate threat mitigation solutions should not be complacent and, whether they run Kaspersky Labs or another system, should always ensure that their systems are up-to-date and that regular scans are run to monitor for infections. Above all, education amongst users is key; if you are suspicious about a website then do not enter any personal details and report it immediately.

In this article

Join the Conversation