The year 2014 saw a considerable growth in the number of malicious attacks on users’ computer and mobile devices, further development of financial malware and a change in the vectors of web attacks, an IT security product company reports.
In 2013, most web attacks were carried out using malicious web resources in the USA and Russia, while in 2014 Germany hosted more malicious sites than anywhere except the USA. The Netherlands has remained in third place, says Kaspersky Lab . It reports:
38 per cent of user computers were subjected to at least one web attack over the year.
44 per cent of web attacks neutralised by Kaspersky Lab products were carried out using malicious web resources located in the US (27.5 per cent of all attacks) and Germany (16.6 per cent). The Netherlands (13.4 per cent) came third.
Attempts to steal money via online access to bank accounts were blocked on almost 2,000,000 user computers.
An average Mac user encountered nine threats during the year
Kaspersky Lab solutions blocked 1.4 million attacks on Android-based devices, four times as many as last year.
Mobile threats
295,500 new mobile malicious programs, 2.8 times as many as in 2013
12,100 mobile banking Trojans, nine times as many as last year
53 per cent of attacks involved mobile Trojans targeting users’ money (SMS-Trojans, banking Trojans)
19 per cent of Android users (one in five) encountered at least one mobile threat throughout the year
Mobile malware attacks were registered in more than 200 countries worldwide
Roman Unuchek, Senior Mobile Malware Analyst at Kaspersky Lab, said: “2011 was the year of mobile malware formation, especially on Android-based devices; 2012 was when they developed and 2013 was when they reached maturity. In 2014 mobile malware focused on financial issues: the number of mobile banking Trojans was nine times greater than in the previous year and developing in this area is continuing at an alarming rate.”
Financial
The fraudsters who specialise in mobile financial malware are probably inspired by their experienced “colleagues” who have been stealing money via personal computers for years. Zeus remains the most widespread banking Trojan with ChePro and Lohmys coming second and third. Three quarters of attacks targeting users’ money were carried out using banking malware but these are not the only financial threats. Bitcoin wallet theft was the second most popular banking threat (14 per cent). Bitcoin mining software (ten per cent) is another threat related to the crypto currency. It uses computing resources to generate bitcoins.
Maria Garnaeva, Security Expert at Kaspersky Lab’s Global Research and Analysis Team, said: “One of the most effective ways to deliver malware to user computers is to exploit vulnerabilities in Oracle Java and in browsers such as Explorer, Mozilla Firefox, etc. In addition, cybercriminals continue to use exploits for Adobe Reader vulnerabilities. These infection techniques remain popular simply because social engineering techniques are still effective. Each year we see how cybercriminals are creating more inventive ways of luring in their victims. That is why recipients are still willing to read a seemingly harmless email from an unexpected source and then open attachments or follow links that expose them to malicious programs.”
The full report is on the Securelist website.
