View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
March 5, 2015updated 19 Aug 2016 4:18pm

Botnet takedowns dent financial malware surge

Police action looks effective, but hackers are getting smarter.

By Jimmy Nicholls

Botnet takedowns have dented the numbers of financial trojans despite hackers deploying increasingly sophisticated malware, according to the security vendor Symantec.

A report from the firm found that infections from financial trojans dropped by half over the course of last year, after a pronounced increase in the first few months, with the US, UK and Germany counting the highest number of infections.

Candid Wueest, threat researcher at Symantec, said: "The drop in detections in 2014 can be partially attributed to a few takedown and arrest operations conducted by different law enforcement agencies in cooperation with the security industry.

"Malware author arrests often lead to an end of support situation for threat families, causing the malware’s usage to drop and shift."

The prevalence of many financial trojan families dropped between 2013 and 2014, with Cridex suffering the steepest decline as the number of detections fell from 125,000 to a mere 29,000.

However the fortunes of Zbot, also known as Zeus, went in the opposite direction, as detections doubled over the same period from two million to four million.

"Most financial Trojans nowadays are distributed through exploit kits such as Styx, Angler, and Nuclear, and we have technology to cut these attacks off before they can do damage," Wueest explained, referring to bespoke malware designed to target specific bugs.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

"Our URL reputation technology can prevent users from visiting exploit kit landing pages in the first place," he added. "Additionally, our browser protection technology can block the exploits that are distributed through these kits before they can download dropper malware onto computer."

High profile botnet takedowns caught increasing media attention last year as police sought to reassure the public that they were taking action against a surging wave of cybercrime.

However many have disputed their effectiveness, with one security researcher informing CBR that the hackers behind GameOver Zeus, a variant of Zbot shut down last summer, had simply moved on to newer, more sophisticated strains of malware after the takedown.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.