PH logs highest number of users attacked in APAC by banking Trojans — Kaspersky

MANILA, Philippines — The Philippines recorded the highest number of users attacked in the Asia Pacific by banking Trojans discovered in the region, based on the latest findings of Kaspersky.

“In terms of regional distribution, the Philippines logged the highest number of unique users attacked in APAC at 22.26% of all banking Trojans discovered in the region, followed by Bangladesh (12.91%), Cambodia (7.16%), Vietnam (7.04%), and Afghanistan (7.02%),” the cybersecurity company said in its report released on Thursday.

After analyzing historical data from Kaspersky Security Network, Vitaly Kamluk, the company’s Director of Global Research & Analysis Team for APAC, discovered that the increased cashless payments in APAC have paralleled the rise of banking Trojans in the region, according to Kaspersky.

“As we all know, the lockdown restrictions forced everyone to shift their financial transactions online. But now, after analyzing the historical figures we have on financial threats, I also learned that there was another outbreak that started in early 2019 in APAC – banking Trojans,” Kamluk said.

Banking Trojans, used to steal money from users’ bank accounts, are one of the “most dangerous species in the malware world,” said Kaspersky. The goal of this malware is either to obtain access credentials or one-time passwords to online bank accounts or to manipulate the user and hijack control for the online banking session from the legitimate owner.

Kaspersky said most developed countries show low statistics for detecting banking Trojans while developing countries seem to have become and remain a hotspot for cybercriminals since 2019.

“Banking Trojans were not the biggest concern of many countries in APAC until 2019 when an outbreak of infections appeared in multiple countries at once. From then on, there was no looking back. Our telemetry shows that this malicious threat has grown in terms of detections and reach,” Kamluk said.

“We see that it will continue to pose a significant threat to both financial organizations and individuals here as we continue to see more users and startups dipping their feet into the digital payments field,” he added.

Meanwhile, Kamluk also noted that the number of unknown financial threat actors has grown over time.

“The proportion of the unknown has grown over time, which is an alarming trend. With the growth of the number of attacks, there seems to be an alarming trend of financial institutions becoming less and less capable of identifying who attacked them,” he said.

“The unknown, unidentified threat actors were behind 60% of the attacks in 2020, but this number will likely grow up to 75% this year,” he added.

To avoid being victimized, Kaspersky advised financial organizations and enterprises to defend their perimeters with reliable vendors, run cybersecurity drills, verify supply chain software, monitor the latest trends and attacks, and motivate staff to report suspicious findings and contacts.

The company also advised individuals to update their software regularly, pay attention to security software alerts, use complex passwords and hardware digital wallets and diligently follow its security protocols, and install reliable security solutions for their devices.

RELATED STORIES

‘The Invisible Man’ smartphone malware targets bank customers in major countries

Cyberthreats hound PH companies

View comments

TAGS: Cybersecurity, Kaspersky, Vitaly Kamluk