1 min read

“India is the 3rd most affected country by online banking malware”

– As per Trend Micro Q1, 2014 Threat Round Up

 

  • Online banking malware sported new routines and assisted in rising the numbers to 9% in India
  • Improvement in Indian Banking Industry led to significant rise of Online Banking Malware

 

As revealed in the Trend Micro Q1, 2014 Threat Round Up, India has made it to the top 3 most affected countries by online banking malware. India slowly rose to the top 3 due to a spike in the number of online bankers in the country, which could be attributed to a vastly improved banking industry.

 

“The number of online bankers in the India has improved the overall industry but has resulted in significant rise in malicious activities. The mobile banking transaction volume grew along with the number of online money transfers-a-top-ranking secondary means of making inward remittances in India in Q1, 2014,” said Mr. Dhanya Thakkar,  Managing Director, Trend Micro (India & SEA).

 Online Banking Volume per Month 1Q 2014

Online banking malware creators updated their portfolios yet again with the addition of new routines to their usual weapons of choice. Case in point: We found a ZeuS/ZBOT variant that had a 64-bit version, used Tor to hide C&C communications, and evaded anti-malware detection. We also saw a ZeuS/ZBOT spam attachment run only on a specific date but crashed on any other.

 Trend Micro - Online Banking Malware

On the Control Panel (CPL) front, we unmasked a BANLOAD variant that only affected Latin Americans who have been identified as such through their security software plug-ins. Another variant, meanwhile, used a nonexisting WhatsApp desktop client as lure to spread. Even worse, when executed, it downloaded a BANKER variant as well onto an already-infected computer.

 

Though they sported new routines, online banking malware retained their core. They continued to be widespread in the same countries—United States (23%), Japan (10%), and India (9%)—and grow in number amid the steady rise of the number of Internet users and online transactions. In fact, the online banking malware volume showed a 3% increase to 116,000 this quarter from 113,000 in the first quarter of 2013.

 

Since law enforcement activities against online theft are slowly being ramped up, cybercriminals are starting to add more layers to ensure anonymity in order to protect their identities and avoid getting arrested. Using Tor as a C&C channel allowed them a little more anonymity and gave them some degree of additional resilience against security software detection and takedown.

 

For Further details: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/reports/rpt-cybercrime-hits-the-unexpected.pdf

Leave a Reply