2016 viu vários poderosos grupos de cibercriminosos financeiros direcionados especificamente a organizações grandes e financeiramente sólidas. Bancos múltiplos, sistemas de processamento de pagamentos, hotéis, varejistas e muitas outras empresas que dependem de pagamentos PoS foram brutalmente direcionados.
Details about such attacks were just described in a new Kaspersky Lab report. Cybercriminal gangs such as the one behind Carbanak stole millions of dollars and caused irreparable damages. As to why cybercriminals have moved their focus towards larger organizations, the answer is quite simple: the bigger the fish, the bigger the gain.
Não obstante, the shift towards high profile targets didn’t spare smaller businesses and home-based users from getting compromised and robbed. The report says that “the number of attacked users of this calibre started to grow again in 2016, following a decline in 2014 e 2015.”
Tendo dito isto, one question remains to be addressed, and that’s exactly what Kaspersky researchers did.
What were the most prevalent attacks in 2016 (that ended up with huge financial profit on the criminals’ side)?
Ataques de phishing 2016
Phishing continued to be one of the most prevalent financial-draining activities throughout 2016. Researchers even claim to have seen more phishing attempts last year, in addition to the attack scenarios becoming more professional and sophisticated.
For the first time in 2016, the detection of phishing pages which mimicked legitimate banking services took first place in the overall chart – as criminals sought to trick their victims into believing they were looking at genuine banking content or entering their details into real banking systems.
relacionado: A maioria Ludicrous ransomware em 2016
Além disso, financial phishing’s share reached 47.48% of all phishing heuristic detections. The number is the highest so far for financial phishing on Windows, Kaspersky Lab researchers reveal adding that “every fourth attempt to load a phishing page blocked by Kaspersky Lab products was related to banking phishing”.
Banking Malware 2016
Infelizmente, banking malware also saw an increase last year, leading to the increase of attacked users. De acordo com o relatório, the number of users attacked with banking Trojans increased by 30.55% and reached 1,088,900. além do que, além do mais, aproximadamente 18% of banking malware victims is represented by corporate users. Most victims were found in Users in Russia, Alemanha, Japão, Índia, Vietnam and the US.
The trends show us that although professional cybercriminal groups have indeed shifted a lot of their attention to targeted attacks against large companies, regular users and smaller firms are still being targeted with the help of widespread malware including Zbot, Gozi, Nymaim, Shiotob, ZAccess, Tinba, Shiz and more.
Android Banking Malware 2016
2016 was quite intense in terms of Android malware. Kaspersky’s report reveals some “particularly interesting activity”. From the middle of the year the researchers were able to establish an exponentially increasing rate of Android-based attacks, “from just 3,967 attacked users in January to around 75,000 em outubro 2016”. The most targeted users were in Russia, Australia and Ukraine, where the highest percentage of attacks was found.
Interestingly we discovered that just two families of malware were responsible for this sudden change: Asacub and Svpeng, which affected a large number of users, most of whom were in Russia. While Asacub was distributed actively via SMS, Svpeng was spread through Google AdSense and took advantage of a security issue in a popular mobile browser.
Para divulgação técnico completo, read the full report by Kaspersky Lab.