Long before the local region witnessed the COVID-19 outbreak, it witnessed an epidemic of another kind, banking Trojans, and the Philippines is now the hardest-hit country in the world. all Asia-Pacific countries (APAC).
Banking Trojans, malware loaded through backdoors and designed to access confidential or material information stored or processed through online banking systems, have started to spread along with the growing adoption of digital payments in the world. region after the start of the pandemic in late 2019 and early 2020.
This is according to Vitaly Kamluk, director of the global research and analysis team at Kaspersky Asia-Pacific, who discovered after analyzing historical data from Kaspersky Security Network (KSN) that the increase in cashless payments in APAC paralleled the rise of banking Trojans in the region. .
But Kamluk also found evidence of a banking Trojan epidemic in the region that prevented the outbreak of COVID-19.
“Even before COVID-19, Asia-Pacific has always been a leader in digital payment adoption, driven by developed countries like China, Japan, South Korea and even India” , Kamluk said. “This pandemic has dramatically expanded the use of this technology, especially in the still emerging economies of Southeast Asia and South Asia.
“As we all know, foreclosure restrictions have forced everyone to move their financial transactions online. But now, after analyzing the historical figures we have on financial threats, I have also learned that there had been another epidemic that had started in early 2019 in APAC – banking Trojans, ”he said. he adds.
Banking Trojans were not the biggest concern in many Asia-Pacific countries until 2019, when the outbreak of infections emerged in multiple countries at once, Kamluk said.
“From that point on, there was no turning back,” Kamluk said. “Our telemetry shows that this malicious threat has increased in terms of detections and range.
“We see this will continue to pose a significant threat to financial organizations and individuals here as we continue to see more and more users and startups entering the digital payments arena,” he said. added.
Typically, the goal of malicious banking Trojans is to either obtain access credentials or one-time passwords to online banking accounts, or to manipulate the user and hijack control of them. a live online banking session from the legitimate account owner.
Analysis from a decade of historical Kaspersky
Security Network data suggests that South Korea was among the first countries in the Asia-Pacific region to suffer severely from banking Trojans in 2011-2012.
However, data indicates a significantly lower relative number of infections in Korea since 2013, with the country currently low on the list of countries infected with banking Trojans in the region.
According to Kaspersky’s analysis, most other developed countries in the region also have low detection statistics for banking Trojans, but developing countries appear to have become and have remained a hot spot for criminals specializing in exploits. banking Trojans since 2019.
In fact, the Philippines appears to have risen to the top of the regional pack in terms of banking Trojan attacks, with Cambodia and Vietnam also among the hardest hit countries in Southeast Asia.
In terms of regional distribution of banking Trojans in 2021 alone, the Philippines recorded the highest number of unique users attacked in APAC, with 22.26% of all banking Trojans discovered in the region this year. until now.
The Philippines was followed respectively by Bangladesh with 12.91 percent, Cambodia with 7.16 percent, Vietnam with 7.04 percent and Afghanistan with 7.02 percent.
Based on analysis of nearly 300 publicly reported cyber incidents in the financial sector since 2007, types of financial threat actors include non-state actors – typically cybercriminals – seeking personal gain and illegal profit. ; state sponsored hackers; initiates; multiple actors – a combination of other types; and “unknown”.
The unknown category, which simply refers to all instances where it was not clear who was behind an attack, has increased.
“The proportion of strangers has increased over time, which is an alarming trend,” Kamluk said. “With the increase in the number of attacks, there seems to be an alarming trend that financial institutions are becoming less and less able to identify who has attacked them.
“Unknown and unidentified threat actors were behind 60% of attacks in 2020, but that number will likely increase to 75% this year,” he added.
In February, Kaspersky revealed research indicating that India, Indonesia and Malaysia were among the 10 countries in the world to have been affected by the highest number of malware attacks by the SilentFade group during the month. previous.
As reported by sister publication CSO, Facebook discovered the SilentFade malware family in late 2018, with origins dating back to 2016.
The SilentFade group initially used a combination of a Windows Trojan, browser injections, clever scripts, and a bug in the Facebook platform to deploy their malware.
The security provider said its researchers have spotted significant growth in malware used by SilentFade, with the highest number of incidents during the month of January detected in India, Brazil, Indonesia, Italy, Germany , in Algeria, Malaysia, Russia, France and Egypt.
Tags malwarekasperskyPhilippinestrojans banking Trojans