Kaspersky Lab Q3 Threat Report Shows Mobile Malware Growth and Continued Attacks to Online Banking
Woburn, MA – November 2, 2015 –Kaspersky Lab has today published its IT Threat Evolution report for the third quarter of 2015. Using statistics from the Kaspersky Security Network (KSN), the report explores the increase in mobile threats, malware attempts to steal from consumer online bank accounts and targeted cyberattacks in the evolving threat landscape.
Q3 in figures
- 323,374 new malicious mobile programs were detected by Kaspersky Lab mobile security products in Q3. This is a 10.8% increase from Q2 2015 and a 3.1-fold increase since Q1 2015.
- During the quarter, there were 5.68 million notifications about attempted malware infections to steal money from users via online access to bank accounts.
- According to KSN data, Kaspersky Lab solutions detected and repelled a total of 235.4 million malicious attacks from online resources located all over the world. This is 38% lower than in Q2.
- 75.4 million unique URLs were recognized as malicious by web antivirus components. This is 16% higher than in Q2.
- Kaspersky Lab mobile security products detected:
- 1.6 million malicious installation packages
- 323,374 new malicious mobile programs
- 2516 mobile banker Trojans
Mobile threats
During the quarter, displaying intrusive advertisements to consumers remained the main method of profiting from mobile threats. Mobile adware continued to increase and accounted for more than half of all detected mobile threats. Some of these mobile attack methods are using superuser privileges (root access) to conceal their presence in the systems folder, making it very difficult to combat them. On the other hand, SMS Trojans decreased, accounting for only 6.2% of mobile threats during the quarter.
Online financial attacks
Malware attacks to online banking continued during the quarter with over five million notifications of attempted attacks. This trend has slightly decreased from the previous quarter, which showed 5.9 million notifications. In addition, Kaspersky Lab solutions blocked almost 626,000 attempts to launch malware capable of stealing money via access to consumers’ online banking, which is 17.2% lower than in the previous quarter.
The statistics also show that consumers in Austria were attacked by banking Trojans more than any other region - 5% of all Kaspersky Lab users in Austria faced this threat during the quarter. Singapore, last quarter’s leader, was moved to second place (4.2%) and 3% of users in Turkey were under threat (third).
Most of the countries in the geographical top 10 list of banking malware attacks during the quarter have a significant number of online banking users. Of the malware used to target online banking users, Trojan-Downloader.Win32.Upatre was the most prevalent, being used in 63.1% of attempted attacks to steal users’ payment details.
Targeted cyberattacks
In Q3, the Kaspersky Lab Global Research and Analysis Team (GReAT) researched a number of sophisticated cyberespionage campaigns. Amongst others, these included investigating the Turla group, which makes use of satellite communications to manage its command-and-control servers’ traffic for subsequent operations, the Darkhotel APT, which infiltrates hotel Wi-Fi networks to place backdoors on target computers, and new activity of the Blue Termite APT, which focuses on stealing information from organizations in Japan. Kaspersky Lab also worked on a joint investigation with the Dutch National High Tech Crime Unit (NHTCU) and Panda Security, resulting in the arrest of two suspects, who are believed to be involved in the CoinVault ransomware attacks.
“The developments in Q3 demonstrate that the global threat landscape is continuing to evolve at a fast pace. Malicious mobile programs are on the rise and in countries where online banking is popular, people are at considerable risk from Trojans looking to target them. With 5.6 million cases of attempted theft from online bank accounts, and cybercriminals continually developing sophisticated attacks, the use of high quality cybersecurity products has never been more important. It’s vital that all those using the Internet – both individuals and organizations - protect themselves from these growing threats,” says David Emm, Principal Senior Security Researcher at Kaspersky Lab’s Global Research and Analysis team.
About Kaspersky Lab
Kaspersky Lab is one of the world’s fastest-growing cybersecurity companies and the largest that is privately-owned. The company is ranked among the world’s top four vendors of security solutions for endpoint users (IDC, 2014). Since 1997 Kaspersky Lab has been an innovator in cybersecurity and provides effective digital security solutions and threat intelligence for large enterprises, SMBs and consumers. Kaspersky Lab is an international company, operating in almost 200 countries and territories across the globe, providing protection for over 400 million users worldwide.
Learn more atwww.kaspersky.com.
For the latest in-depth information on security threat issues and trends, please visit:
Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter
Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter
Media Contact
Sarah Kitsos
781.503.2615
sarah.kitsos@kaspersky.com