Financial threats

Last autumn, we discovered the first sample of an interesting new encryptor, TorLocker. The Trojan encrypts all files with AES-256 + RSA-2048 and uses the Tor network to contact its “owners”.

Kaspersky Lab and INTERPOL presented research on how blockchain-based cryptocurrencies could be abused through the pollution of public decentralized databases with arbitrary data.

In this article we look at the evolution of complication of the encryption schemes used by virus writers and the methods they adopt to put pressure on their victims. At the end of the article there is some advice for users which might help them protect important files.

A modern smartphone is a full-blown working tool, an entertainment center and a tool to manage your personal finances. The more it can do, the more attractive it is to cybercriminals. The evidence for this is clear when we look at the rapid growth in the numbers of mobile Trojans.

The main difference with other APT attacks is that Carbanak attackers do not see data but money as their primary target. Losses per bank range from $2.5 million to approximately $10 million. Carbanak is the most successful criminal cyber campaign we have ever seen.

In 2013 we registered a sudden surge in the number of attacks targeting users’ financial information and money. In 2014, the situation changed considerably: the number of attacks and attacked users significantly decreased, as did the amount of financial phishing.

In the fall of 2014, we discovered a new banking Trojan, which caught our attention for two reasons: a new technique for loading modules and a large number of online-banking systems were its targets

By closely observing more than 60 threat actors responsible for APT attacks worldwide, the team of experts has now compiled a list of the top emerging threats in the APT world. We think these will play an important role in 2015.

The end of the year is traditionally a time for reflection – for taking stock of our lives before considering what lies ahead. We’d like to offer our customary retrospective of the key events that shaped the threat landscape in 2014.

Another ransomware has been spotted in the wild lately, branded as ‘CoinVault’. This one involves some interesting details worth mentioning, including the peculiar characteristic of offering the free decryption of one of the hostage files as a sign of good faith.

During the course of this investigation, Kaspersky Lab’s experts discovered a piece of malware infecting ATMs that allowed attackers to empty the cash machines via direct manipulation, stealing millions of dollars. INTERPOL alerted the affected member countries and is assisting ongoing investigations.

In a series of online attacks targeting flaws on network devices and involving malicious DNS servers, fake documents, browser code injections, malicious browser extensions and a lot of creativity, the crooks have successfully stolen vast amounts of money.

From penny-stealing malware to multi-million-dollar heists, a quick overview of the bitcoin bonanza in the digital era.

An organization recently asked Kaspersky Lab to investigate an incident that had occurred in its corporate remote banking system: a bank asked for confirmation of a payment worth about US$80,000. The organization’s accountant had not made the payments himself, so the organization suspected a malware attack. But how was that possible?

There is currently a lot of buzz about the Backoff point-of-sale Trojan that is designed to steal credit card information from computers that have POS terminals attached.