Group-IB has fixed a new wave of viruses spreading under the guise of mobile applications of large Number of banks. Attack, as experts say, can be subjected to users of devices on the Android operating system.
Computer-security Company Group-IB has revealed a new wave of Trojan programs spread under the guise of mobile applications of large Number of banks. This is stated in the company’s message to RBC.
Attack, according to experts, can be affected by users of mobile devices on the Android operating system. In this case, the virus, as noted in the Group-IB, is not distributed through the official Google Play application store, but through advertisements in search engines that redirect users to third-party resources.
Malicious software, according to experts, after installing a fake bank application requests from the owner of Android login and password from the personal cabinet in an online banking system, as well as the details of the payment card.
Later, these data are transmitted to attackers, experts warned, stressing that the staff of the response center for information security incidents of Group-IB have already blocked “about ten resources” from which such fraudulent applications were spread. “But there will be more [blocked resources], as activity is still going on,” the company noted.
“The quality of fake applications, both in design and in the mechanics of infection, is constantly growing, which confuses many users who do not pay attention to critical details: the domain name, forwarding to a third-party resource,” warned the head of the Center for Responding to Information Security Incidents Alexander Kalinin.
Over the past two years (from the second half of 2015 to the first half of 2017 inclusive), the losses of the Number of financial sector from the actions of cybercriminals amounted to $ 117.4 million, also calculated in Group-IB. $ 70 million of this amount, according to experts, accounted for target attacks of malefactors on banks, $ 27 million – on losses from theft in Internet banking systems from legal entities. Individuals, according to experts, have lost more than $ 20 million from cyber-fraudsters. Almost all of these funds, according to the Group-IB, have been stolen by using Android Trojans.
In mid-November, Group-IB announced the activation of scammers in social networks, which on behalf of employees of the largest Number of banks are trying to lure customers of credit institutions their bank card data. The scheme of fraud, according to experts, was that the attackers from the counterfeit account of a bank employee promptly responded to complaints or questions that users left on the page of financial organizations in the social network. They scammers sent a personal message with a request to clarify the details of the bank card.
