Woburn, MA – August 6, 2018 – Kaspersky Lab’s Q2 IT threat evolution report found that mobile banking Trojans topped the list of cyber headaches in Q2 2018. The number of installation packages for mobile banking reached a historic high at over 61,000; these modifications help attackers avoid detection by security solutions and expand their arsenal. This is more than a three-fold growth when compared with Q1 2018, and over double the installations than in Q1 2017. 

Mobile banking Trojans are one of the most infamous types of malware, as they are designed to steal money directly from mobile users’ bank accounts. This type of attack is attractive to cybercriminals worldwide who are looking for an easy profit. The malware is typically disguised as a legitimate app, to lure people into installing it. Once the banking app is launched, the Trojan displays its own interface overlaying the app’s interface. When the user inputs credentials, the malware steals the information. 

The second quarter of 2018 experienced a massive influx of these types of Trojans at 61,045, which is a historic high in all the time that Kaspersky Lab has been observing such threats. The greatest contribution was made by the creators of Trojan Hqwar, with about half of the new modifications discovered relating to this malware. Trojan Agent took second place with around 5,000 packages.

In Q2 2018, the top three countries with the biggest share of users attacked with mobile banking malware (in proportion to all users attacked with any kind of mobile malware) were as follows: U.S. (0.79%), Russia (0.7%) and Poland (0.28%). Russia and U.S. swapped places compared with Q1 2018, while Poland jumped from ninth to third place on the list – mainly due to the active distribution of Trojans.AndroidOS.Agent.cw and Trojan-Banker.AndroidOS.Marcher.w modifications.

According to Kaspersky Lab experts, such high numbers could be part of a global trend for mobile malware growth, as the overall number of mobile malware installation packages also increased by over 421,000 compared to the previous quarter.

“The threat landscape in the second quarter of this year gives us cause for concern regarding mobile users’ security,” said Victor Chebyshev, security expert, Kaspersky Lab. “The overall growth in mobile malware installation packages – especially associated with banking – demonstrates that cybercriminals are constantly creating new modifications to their malicious software to make it more sophisticated and discreet for cybersecurity vendors to detect. Users and the industry should be extremely cautious and vigilant in the coming months as the trend continues to grow.”

Other online threat statistics from the Q2 2018 report include:  

  • Kaspersky Lab solutions detected and repelled 962,947,023 malicious attacks from online resources located in 187 countries around the world (a 20% growth compared to the previous period);
  • 351,913,075 unique URLs were recognized as malicious by web antivirus components (24% growth since Q1 2018);
  • Attempted infections by malware that aims to steal money via online access to bank accounts were registered on 215,762 user computers;
  • Kaspersky Lab’s file antivirus detected a total of 192,053,604 unique malicious and potentially unwanted objects;
  • Kaspersky Lab mobile security products also detected 1,744,244 malicious installation packages (nearly a 32% growth against the previous period).

To reduce the risk of infection, users are advised to:

  • Install applications only from trusted sources such as the official app store;
  • Check permissions requested by the app – if they do not correspond with the app’s task (e.g. a reader asks to access your messages and calls), this can be a sign of suspicion;
  • Use a robust security solution to protect from malicious software and its actions. The free version of Kaspersky Internet Security for Android can help you avoid such situations;
  • Do not click on links from spam emails;
  • Do not perform the rooting procedure of the device that will provide cybercriminals with limitless capabilities.

Read the full version of the Kaspersky Lab’s IT threat evolution report on Securelist.com.

About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Media Contact
Jessica Bettencourt

Kaspersky Lab Q2 Report: Mobile Banking Trojan Modifications Reach Historic High

Out of all malware, Kaspersky Lab finds U.S. users attacked most with mobile banking malware
Kaspersky Logo