The number of users hit by financial malware grew by seven percent during the first half of 2019 to reach 430,000 according to new research from Kaspersky which revealed the growing threat that banking Trojans pose to both businesses and individuals.
This type of malware is aimed at stealing finances and financial data while also providing threat actors with access to users’ and financial organizations’ assets and machines. Banking Trojans have always occupied a significant part of the threat landscape as finance is the most common motivation for both cybercriminals and fraudsters.
Kaspersky data on new samples of these threats shows that malware aimed at stealing funds is active and extremely dangerous, especially to corporate environments where connected devices are prevalent.
Spam emails and phishing sites are typical attack vectors for malware and during the first half of this year, Kaspersky researchers detected over 339,000 phishing attacks from web pages which were disguised to appear like the landing pages of large banks.
Banking Trojan families
Kaspersky’s researchers also compiled a list of the most popular banking Trojan families that were utilized to attack corporate users. Four-in-ten (40%) of financial threats on corporate users came from the RTM banking Trojan followed by the Emotet banking Trojan at 15 percent and the Trickster banking Trojan at 12 percent.
The cybersecurity firm also found that the situation was a bit different for private users. The Zbot malware (26%) which steals credentials with the option of remote control by attackers topped the list of malware that attempted to attack them followed by RTM and Emotet.
Security researcher at Kaspersky, Oleg Kupreev provided further insight on the firm’s findings and the growing threat posed by financial malware, saying:
“We expect to see a rise in the number of attacked users in the second half of 2019. Usually, we see a rise in malicious activity after the holiday season, when people are using their devices less than usual and therefore are less likely to fall a victim to threat actors. We urge everyone to be extra careful with all banking and finance-related operations that they perform online and remain vigilant.”
To protect your business from financial malware Kaspersky recommends introducing cybersecurity awareness training at your organization, installing the latest updates and patches and forbidding employees from installing software from unknown sources.