Source: The State of Financial Trojans 2013
Stephen Doherty, Piotr Krysiuk, Candid Wueest
Version 1.02 – December 17, 2013, 14:00 GMT
OVERVIEW
Financial institutions have been fighting malware that targets online banking for over
ten years. During that timeframe, banks have had to evolve their security measures to
protect online transactions from fraud. Attackers adapted to these countermeasures and
sophisticated banking Trojans began to emerge. In many situations, financial institutions
adopted custom security solutions. However, many of these security implementations
are ineffective at protecting against the modern banking Trojan. Cybercriminals who are
motivated by financial reward are using these advanced Trojans to commit large-scale
financial fraud, targeting institutions across the globe.
This report is an update on the financial Trojan threat landscape for 2013. It examines
eight of the most common and sophisticated financial Trojans in circulation today. The
Trojans have been targeted at over 1,400 financial institutions and compromised millions
of computers around the globe. When targeting these institutions, many attackers either
opt for a focused attack or a broad strokes approach. Exact details of the techniques
used against specific financial institutions are withheld, but are available to the financial
institution on request.
Key findings
• Over 1,400 financial institutions are targeted by attackers using financial Trojans
• The top 15 targeted financial institutions were targeted by more than 50 percent of the Trojans
• The most targeted bank is in the US and was attacked by 71.5 percent of all analyzed Trojans
• Two dominant attack strategies are identified: “focused attack” and “broader strokes”
• Institutions in 88 countries have been targeted
• Continued expansion into the Middle East, Africa and Asia
• New institution types are being targeted outside of traditional online banking
• Existing techniques are being streamlined for automation and precision
• In the first three quarters of 2013, the number of financial Trojans has grown by three times
Introduction
In 1994, financial institutions started providing online banking services to their customers. Using a Web browser, clients could log into their bank’s secure website to view statements, add new accounts and make financial transactions. Since then, online banking has grown in popularity and today, most major financial institutions facilitate the service and are evolving it further to reach mobile devices. In that same time period, attacker motivations have changed dramatically. No longer searching for notoriety and fame, cybercriminals have turned their attention to financial gain. Initially, attacks against user accounts involved simple keylogging Trojans and phishing emails. These attacks were capable of defeating simpler security measures.