Financial threats

The main difference with other APT attacks is that Carbanak attackers do not see data but money as their primary target. Losses per bank range from $2.5 million to approximately $10 million. Carbanak is the most successful criminal cyber campaign we have ever seen.

In 2013 we registered a sudden surge in the number of attacks targeting users’ financial information and money. In 2014, the situation changed considerably: the number of attacks and attacked users significantly decreased, as did the amount of financial phishing.

In the fall of 2014, we discovered a new banking Trojan, which caught our attention for two reasons: a new technique for loading modules and a large number of online-banking systems were its targets

By closely observing more than 60 threat actors responsible for APT attacks worldwide, the team of experts has now compiled a list of the top emerging threats in the APT world. We think these will play an important role in 2015.

The end of the year is traditionally a time for reflection – for taking stock of our lives before considering what lies ahead. We’d like to offer our customary retrospective of the key events that shaped the threat landscape in 2014.

Another ransomware has been spotted in the wild lately, branded as ‘CoinVault’. This one involves some interesting details worth mentioning, including the peculiar characteristic of offering the free decryption of one of the hostage files as a sign of good faith.

During the course of this investigation, Kaspersky Lab’s experts discovered a piece of malware infecting ATMs that allowed attackers to empty the cash machines via direct manipulation, stealing millions of dollars. INTERPOL alerted the affected member countries and is assisting ongoing investigations.

In a series of online attacks targeting flaws on network devices and involving malicious DNS servers, fake documents, browser code injections, malicious browser extensions and a lot of creativity, the crooks have successfully stolen vast amounts of money.

From penny-stealing malware to multi-million-dollar heists, a quick overview of the bitcoin bonanza in the digital era.

An organization recently asked Kaspersky Lab to investigate an incident that had occurred in its corporate remote banking system: a bank asked for confirmation of a payment worth about US$80,000. The organization’s accountant had not made the payments himself, so the organization suspected a malware attack. But how was that possible?

There is currently a lot of buzz about the Backoff point-of-sale Trojan that is designed to steal credit card information from computers that have POS terminals attached.

In recent times we’ve been seeing a lot of file-encrypting ransomware activity. One of the new ones we’ve seen pop up in the last couple weeks is called ZeroLocker.

Everything you read about boleto malware attacking the popular Brazilian payment system was only the tip of the iceberg. The Brazilian bad guys are quickly developing and adopting new techniques.

Kaspersky Lab products detected and neutralized a total of 995,534,410 threats in the second quarter of 2014. 927,568 computers running Kaspersky Lab products were attacked by banking malware. 65,118 new malicious mobile programs were detected. 2033 mobile banking Trojans were detected in this period, 1.7 times more than last quarter.

Trojan-Ransom.Win32.Onion is a highly dangerous threat and one of the most technologically advanced encryptors out there. Its developers used both proven techniques ‘tested’ on its predecessors and solutions that are completely new for this class of malware.