Financial threats

Millions of people around the world now use ATMs every day to withdraw cash, pay in to their account or make a variety of payments. Unfortunately, ATM manufacturers and their primary customers – banks – don’t pay much attention to the security of cash machines.

In February 2016, the Internet was shaken by an epidemic caused by the new ransomware Trojan Locky. The Trojan has been actively propagating up to the present day. Kaspersky Lab products have reported attempts to infect users with the Trojan in 114 countries around the world. Analysis of the samples has shown that this Trojan is a brand new ransomware threat, written from scratch.

Cybercrime in Brazil has changed drastically in the last few years, as it shifted from simple keyloggers to tailored remote administration tools that can run a complete attack by using the victim machine. As we know, they are in touch with cybercriminals from Eastern Europe, mainly Russians.

We found a new wave of different campaigns spreading the initial “Banloader” components in Jar (Java archive). It’s able to run on Linux, OS X, Windows. It’s also able to run under certain circumstances even on mobile devices.

We have seen many shapes and colors of cryptolockers, but the new CTB-Locker variant says it all. A new variant of the CTB-Locker targets web servers only, and to our knowledge it has already successfully encrypted web-root files in more than 70 servers.

On November 2015, Kaspersky Lab researchers identified ATMZombie, a banking Trojan that is considered to be the first malware to ever steal money from Israeli banks. The incident Israeli banks experienced had a very fascinating and innovative method of stealing the money.

As the functionality of mobile devices and mobile services grows, the appetite of cybercriminals who profit from mobile malware will grow too. Malware authors will continue to improve their creations, develop new technologies and look for new ways of spreading mobile malware. Their main aim is to make money.

Kaspersky Lab security researchers Santiago Pontirol and Roberto Martinez explain how ATM malware works in Latin America and why it’s difficult to discover ‘jackpotting’ malware.

A year after Kaspersky Lab warned that cybercriminals would start to adopt the tools and tactics of nation-state backed APTs in order to rob banks, the company has confirmed the return of Carbanak and uncovered two more groups: Metel and GCMAN.

A while ago Turkish security group Otku Sen created the hidden tear ransomware and published the source code online. Idea behind it was to “teach” security researchers how ransomware works. Right from the beginning the reaction of various security professionals was negative. And we were right, it didn’t take long before the first ransomware variants arrived based on the hidden tear source code.

In 2015, virus writers demonstrated a particular interest in exploits for Adobe Flash Player. The proportion of relatively simple programs used in mass attacks was growing. Attackers have mastered non-Windows platforms – Android and Linux: almost all types of malicious programs are created and used for these platforms.

The data collected from Kaspersky Lab products shows that the tools used to attack businesses differ from those used against home users. Let’s have a look back at the major incidents of 2015 and at the new trends we have observed in information security within the business environment.

The end of the year is traditionally a time for reflection – for taking stock of our lives before considering what lies ahead. We’d like to offer our customary retrospective of the key events that have shaped the threat landscape in 2015.

The Russian-language cybercrime market is known all over the world. Kaspersky Lab experts have been monitoring the Russian hacker underground since its emergence. In this review we analyze how financial cybercrime works.

As the year comes to an end, we have an opportunity to take stock of how the industry has evolved and to cast our predictions for the coming years. The outlook for our rapidly evolving field of study is quite thought-provoking and will continue to present us with interesting challenges.