Ruthless hackers ransom banks with mobile malware

Ultimatums from hackers could cost financial organisations tens of thousands of dollars.

By CBR Staff Writer

In the second quarter of this year almost 300,000 new mobile malware programs emerged as phones become a more appealing target for hackers.

Mobile banking has become a key target, with threats becoming more intelligent.

Kaspersky reveals that the Trojan-SMS.AndroidPS.OpFake.cc, reported in its Q1 2015 cyberthreats report, was capable of attacking no fewer than 29 banking and financial applications.

In Q2 this number surged almost threefold to 114, with attackers targeting a collection of login credentials so that several popular email applications can be attacked.

Mobile threat growth saw one million mobile malware installation packages in Q2, which is seven times greater than it was in Q1.

The threat malware poses has also been identified by FireEye, which shone a light on a breach of US government networks, allegedly carried out by Russian government-backed hackers who used Twitter and photos to distribute malware.

According to FireEye, a criminal organisation dubbed APT29 is using Twitter, GitHub and cloud storage services to extract data from compromised networks.

Hammertoss, the name given to such attacks, works by retrieving commands via legitimate web services, with the infected machines then generating an algorithm which checks for different Twitter accounts. Hackers are then able to upload images with hidden code that can install malware.

Computer systems simply recognise a normal Tweet, making it difficult to identify any intrusion.

Laura Galante, director of threat intelligence, FireEye, said: "The novel approach APT29 takes to carry out its attacks and maintain their persistence in networks represents a level of difficulty that security professionals could see trickle down into their own network security operations."

Many attacks are aimed at stealing money through access to online bank accounts; however, Kaspersky’s report identifies that attempted malware infections on the web reduced by 800,000 from Q1 to 5.9 million in Q2.

Despite this reduction in malware attacks, financial companies are still being faced with ultimatums from cybercriminals.

Hackers are extorting banks and other financial companies, demanding that firms pay ransoms of up to tens of thousands of dollars to keep their websites safe from DDoS attacks.

Richard Jacobs, an FBI agent in charge of the New York cyber branch, said that over 100 businesses have been targeted by cyber criminals since April.

Jacobs told MarketWatch that hackers conduct DDoS attacks that increase a company’s web traffic with no valuable data in order to bring the service to a standstill.

Yaroslav Rosomakho, Principal Consulting Engineer, EMEA at Arbor Networks, said: "Hackers’ activities against internet services of financial institutions are on the rise, since these services are an absolutely critical part of daily business.

"Hackers realise that DDoS can be as disruptive as other more traditional attack methods and, unfortunately, still many organisations do not pay enough care to availability protection of their services and infrastructure."

Disruption of a financial company’s services could cost the business more than $100,000 per hour, according to Neustar.

While banking malware makes up the majority of the threat (83%), other threats are posed by Bitcoin miners (9%), Bitcoin wallet stealers (6%) and keyloggers (2%).

Additional figures from the report show that the company detected and repelled 379.9 million malicious attacks; this is 19% lower than in Q1.

A fall in attacks aimed at Internet users’ computers was also seen, with 23.9 coming under a web-borne attack at least once; this is 2.4% lower than in Q1.

Co-authored by Joao Lima and James Nunns.
