Banking trojans were widely used by cyber criminals to target businesses during August, according to the latest Global Threat Impact Index by security firm Check Point.
A total of three banking trojans – Zeus, Ramnit and Trickbot – all featured in the top ten most common malware programs last month. They identify when the victim visits a banking website, then use keylogging or webinjects to steal login information or sensitive data such as PINs.
They can also direct victims to fake banking websites that have been designed to appear like legitimate ones to steal information.
According to the report, Roughted remained the top malware in August, although its global impact decreased from 18 per cent to under 12 per cent of organisations worldwide. It is large-scale ‘malvertising’ used to deliver various malicious websites and payloads such as scams, adware, exploit kits and ransomware.
It can attack any platform or operating system, and utilises ad-blocker, bypassing and fingerprinting in order to make sure it delivers the most relevant attack.
In terms of mobile threats, Check Point found that the most popular malware used to attack companies in August were: Triada, a modular backdoor for Android that grants super-user privileges to downloaded malware, helping it become embedded into system processes; Gooligan, Android malware capable of rooting devices and stealing email addresses and authentication tokens stored on the device; and Hiddad, Android malware that repackages legitimate apps and then releases them to a third-party store, with the main function to display ads.
The latter is also able to gain access to key security details built into the OS, allowing an attacker to obtain sensitive user data.
Maya Horowitz, threat intelligence group manager at Check Point, said: “To see both a highly effective ransomware variant and a range of banking trojans in the top ten most prevalent malware families really underlines how tenacious and sophisticated malicious hackers can be in their attempts to extort money.
“Organisations need to be both vigilant and proactive in order to protect their networks.”