Banking malware, aimed at stealing personal banking credentials and credit card information, is surging as attackers target the rising popularity of mobile banking on smartphones.
This was revealed in Nokia’s latest Threat Intelligence Report, which is based on data aggregated from network traffic monitored on more than 200 million devices globally where Nokia’s NetGuard Endpoint Security product is deployed.
The report highlighted an 80%, year-on-year increase in the first half of the year in the number of new banking trojans, which also try to steal SMS messages containing one-time passwords.
This type of threat employs a range of tricks to steal data, including keyloggers, phishing, taking screen snapshots, and even accessing Google Authenticator codes, the report says.
To date, banking malware has been aimed at Android phones for the most part, due to the ubiquity and openness of the platform, the report added.
Most banking applications enable users to add a multi-factor authentication feature to their accounts to make it more difficult for bad actors to get their hands on personal information.
The report advises users to avoid mobile banking from easily accessible public WiFi access points; and to use both multi-factor authentication when available and strong passwords.
Kevin McNamee, director of Nokia’s Threat Intelligence Center, says threats continually evolve and look for new opportunities.
Banking trojans have dramatically increased over the last year as digital banking has become more widespread, a trend Nokia sees continuing into the future which reinforces the need for better online practices and having robust endpoint security in place.
According to the report, IOT botnets are responsible for 32% of the malware incidents detected by Nokia’s NetGuard Endpoint Security.
Essentially a network of devices connected by malware, these bots continue to grown in size and sophistication, due to the rising use of IOT devices, such as smart refrigerators and video surveillance cameras.
One bot called Mozi, which uses a peer-to-peer command and control protocol, has been used to create botnets consisting of around half a million individual devices. Mozi actively scans the network and uses a suite of known vulnerabilities to exploit additional IOT devices.
