
New Trojan infecting mobile banking

Last year saw cyber-criminals make their way into the mobile banking world, with a mobile banking Trojan entering the Top 10 most prevalent malicious programmes targeting finances for the first time.

The Asacub Trojan was first discovered in June 2015, and was capable of stealing contact lists, browser history and the list of installed apps, sending SMS messages to given numbers and blocking the screen of an infected device – all standard functions for a typical information-stealing Trojan.

However, Kaspersky Lab experts later discovered several new versions of the Asacub Trojan, which confirmed its transformation into a tool for stealing money, with the new version equipped with phishing pages mimicking log-in pages of banking applications.

According to Kaspersky Lab, at first it seemed Asacub was targeting only Russian-speaking users, because the modifications contained fake log-in pages of Russian and Ukrainian banks. But after further investigation, Kaspersky Lab’s experts found a modification with fake pages of a large US bank.

These new versions also contained a new set of functions including call redirection and sending USSD requests (a special service for interactive non-voice and non-SMS communications between the user and cellular provider), which made Asacub a very powerful tool for financial fraud.

Although Kaspersky Lab has been aware of several versions of the Trojan for some time, the company’s threat detection systems found almost no sign of active Asacub campaigns until the end of 2015.

Within just one week, Kaspersky Lab identified more than 6,500 attempts to infect users with the malware, making it one of the 5 most popular mobile Trojans of that week, and the most popular Trojan-Banker.

“When analysing this Trojan, we found that the Asacub malware has connections to criminals with links to a Windows-based spyware called CoreBot,” explains Roman Unuchek, senior malware analyst at Kaspersky Lab USA.

“The domain used by Asacub’s Command&Control center is registered to the same person as tens of domains that were used by CoreBot,” Unuchek says.

“It is therefore highly likely that these two types of malware are being developed or used by the same gang, who see huge value and criminal gain in exploiting mobile banking users,” he explains.

“Based on current trends, we can assume that in 2016, the development and prevalence of mobile banking malware will continue to grow and account for an even greater share of malware attacks.

“Users need to be extra vigilant to ensure they don’t become the next victim.”
