Mobile Banking Threat on the Rise as Hackers 'Refine' Techniques

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.foxbusiness.com/technology/2013/11/12/mobile-banking-threat-on-rise/

The malicious software used by bad guys to steal banking data is on the
rise.

While the crackdown on digital currencies has helped thwart some operations
used by cyber criminals to launder money, crime through Trojans to nab
critical banking data nevertheless remains a problem.

In the third quarter, online banking Trojans, which are used to steal
banking information from the user, soared to a record high with more than
200,000 infections, the highest since 2002, according to new data from
TrendLabs.

The next highest in more recent history was 146,000 infections, which took
place in the second quarter.

Just three countries – the U.S., Brazil and Japan – accounted for more than
half of the infections, though TrendLabs said infections spread across the
globe and were no longer concentrated on just Europe and the Americas.

“Cybercriminals continued to refine their techniques this quarter,”
TrustLabs said in its third-quarter report. “Online banking malware
infections increased in several regions … we also caught a glimpse of the
massive scale of compromised sites.”

This, of course, comes as more people around the globe bank on the go,
using their phones and PCs to do anything from check their balance and
transfer money to pay their bills.

In an August survey by the Federal Reserve, nearly 21% of U.S. mobile phone
users said they used mobile banking in the past 12 months, while 11% of
those who had not yet used it reported they would "definitely" or
"probably" bank in the next year.

The security firm also pointed to the rise in malicious and high-risk apps
targeting Google’s Android. That category reached the one-million mark for
the first time in September, with 800,000 having malicious characteristics.

The remaining apps, considered to be high risk, included those that
aggressively pushed ads to users, known as “adware,” which can lead to
device information theft.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

# OWASP http://www.appsecusa.org
# Builders, Breakers and Defenders
# Time Square, NYC 20-21 Nov
o()xxxx[{::::::::::::::::::::::::::::::::::::::::>

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security offers security intelligence, risk management services and customized security solutions. The 
YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk 
mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.