Page 73 - Cyber Defense eMagazine July 2024
P. 73

It turns out the alert was warranted, as the number and complexity of banking trojan attacks have soared
            since then. According to Kaspersky’s 2022 Mobile Threats report, nearly 200,000 mobile banking Trojan
            installers were detected — two times more than in 2021.

            Despite  stronger  bank  security  features  and  newer  system  designs,  malware  continues  to  persist,
            adapting in scope and technical ability. What first started as a program primarily targeting bank customers
            has become a menace across various financial institutions, including FinTech and blockchain companies.

            Even more concerning  is that these attacks have become an international  affair affecting organizations
            and  their  customers  across  continents.  A  recent  example  is Grandoreiro  —  a devious  banking  trojan
            operated as a malware-as-a-service to impersonate government entities in Africa, Europe, South America
            and the Indo-Pacific regions. This malware has targeted 1,500 banking applications in over 60 countries
            through sophisticated email phishing attacks.



            How Do They Work?

            Banking trojans are designed for different functions, including:

               •  Overlay  attacks:  The malware  overlays  a fake log-in page  onto legitimate  applications.  When
                   users enter their credentials, the trojan captures and sends them to the hacker. One example is
                   the SharkBot banking malware, which primarily targets Android users.
               •  Device  control:  Some  trojans  can  remotely  control  devices,  including  the  lock  and  unlock
                   features, camera, text messaging, and even screen content capture. The malware uses these to
                   bypass security before perpetrating theft.
               •  Keylogging:  These  banking  trojans  record  a  user’s  keystrokes  when  logging  into  their  bank
                   accounts, allowing hackers access.
               •  Data exfiltration: This malware can exfiltrate SMS messages, intercepting sensitive information
                   necessary for financial transactions, such as 2FA and OTP codes.



            How Can Users Protect Against Banking Trojans?

            Addressing malware's increasing pervasiveness requires a comprehensive framework involving a mix of
            top-notch security measures and the most recent cybersecurity best practices.

            1. Install Anti-Virus and Malware Detection Software

            Just as locking doors  and windows prevents  physical  infiltrations,  installing  the latest antimalware  and
            antivirus programs protects banking information from malicious threats. Financial institutions can employ
            advanced  analysis  tools  with  hybrid  functionality  to  scan  for  threats  and  open  detected  trojans  in  a
            Sandbox for safe assessments.









            Cyber Defense eMagazine – July 2024 Edition                                                                                                                                                                                                          73
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   68   69   70   71   72   73   74   75   76   77   78