Financial threats

In a series of online attacks targeting flaws on network devices and involving malicious DNS servers, fake documents, browser code injections, malicious browser extensions and a lot of creativity, the crooks have successfully stolen vast amounts of money.

From penny-stealing malware to multi-million-dollar heists, a quick overview of the bitcoin bonanza in the digital era.

An organization recently asked Kaspersky Lab to investigate an incident that had occurred in its corporate remote banking system: a bank asked for confirmation of a payment worth about US$80,000. The organization’s accountant had not made the payments himself, so the organization suspected a malware attack. But how was that possible?

There is currently a lot of buzz about the Backoff point-of-sale Trojan that is designed to steal credit card information from computers that have POS terminals attached.

In recent times we’ve been seeing a lot of file-encrypting ransomware activity. One of the new ones we’ve seen pop up in the last couple weeks is called ZeroLocker.

Everything you read about boleto malware attacking the popular Brazilian payment system was only the tip of the iceberg. The Brazilian bad guys are quickly developing and adopting new techniques.

Kaspersky Lab products detected and neutralized a total of 995,534,410 threats in the second quarter of 2014. 927,568 computers running Kaspersky Lab products were attacked by banking malware. 65,118 new malicious mobile programs were detected. 2033 mobile banking Trojans were detected in this period, 1.7 times more than last quarter.

Trojan-Ransom.Win32.Onion is a highly dangerous threat and one of the most technologically advanced encryptors out there. Its developers used both proven techniques ‘tested’ on its predecessors and solutions that are completely new for this class of malware.

Stealing more than half a million euro in just a week – it sounds like a Hollywood heist movie. But the organizers of the Luuuk banking fraud pulled it off with a Man-in-the-Browser (MITB) campaign against a specific European bank.

In this second part of our series we explain the most common attacks on ATMs and PoS (Point of Sales) devices in Brazil. These are out to clone your credit card using skimmer devices, fake signage and, of course, a lot of malware.

PDF Version  Financial cyber threats in 2013. Part 1: phishing Financial cyber threats in 2013. Part 2: malware Main findings According to the information collected from the protection sub-systems of Kaspersky Lab products, 2013 saw a dramatic increase in the number of finance-related attacks, be it phishing or attacks involving malware. Below are the main

So our recent discovery of Trojan-SMS.AndroidOS.Waller.a highlighted a new get-rich technique that not only sent a premium SMS but also saw the malware attempt to steal money from a QIWI electronic wallet.

It has been quite a few years since cybercriminals started actively stealing money from user accounts at online stores, e-payment systems and online banking systems.

Over the last few months I have been closely monitoring so-called Darknet resources, mostly the Tor network, and the cybercriminal element is growing.

Most of cybercriminals like to put the CPL file inside a ZIP, but we have also found it inserted inside RTF files. This kind of malware belongs to the Trojan-Banker.Win32.ChePro family, first detected in Russia in October 2012.