The Philippines has logged the highest number of unique users attacked in APAC at 22.26 per cent of all banking Trojans discovered in the region this year so far.

malware, kaspersky, philippines, trojans, banking trojans

Manila, Philippines

Credit: Photo by David Milmont on Unsplash

Long before the local region witnessed the outbreak of COVID-19, it bore witness an outbreak of another kind, banking Trojans, and the Philippines is now the hardest hit of any country in Asia Pacific (APAC).  

Banking Trojans, backdoor-loaded malware designed to gain access to confidential or material information stored or processed through online banking systems, began to surge in line with burgeoning digital payment adoption in the region following the onset of the pandemic in late 2019 and early 2020.  

This is according to Vitaly Kamluk, director of Kaspersky’s Asia Pacific global research and analysis team, who discovered after analysing the historical data from Kaspersky Security Network (KSN) that the increased cashless payments in APAC ran parallel to the rise of banking Trojans in the region.

But Kamluk also found evidence of a banking Trojan outbreak in the region that pre-empted the onset of COVID-19.  

“Even before COVID-19, Asia Pacific has always been one of the leaders in digital payment adoption, driven by developed countries like China, Japan, South Korea and even India,” Kamluk said. “This pandemic extended the use of this technology significantly further – particularly in still emerging economies in Southeast Asia and South Asia.  

“As we all know, the lockdown restrictions forced everyone to shift their financial transactions online. But now, after analysing the historical figures we have on financial threats, I also learned that there was another outbreak that started in early 2019 in APAC – banking Trojans,” he added.  

According to Kamluk, banking Trojans weren’t the biggest concern of many countries in Asia Pacific until 2019 when the outbreak of infections appeared in multiple countries at once.  

“From then on there was no looking back,” Kamluk said. “Our telemetry shows that this malicious threat has grown in terms of detections and reach.  

“We see that it will continue to pose a significant threat to both financial organisations and individuals here as we continue to see more users and startups dipping their feet into the digital payments field,” he added.

Typically, the goal of banking Trojan malware is either to obtain access credentials or one-time passwords to online bank accounts or to manipulate the user and hijack control of a live online banking session from the legitimate account owner.

Analysis drawn from a decade of historical Kaspersky
Security Network data suggests that South Korea was among the first countries in the Asia Pacific region to suffer heavily from banking Trojans throughout 2011-2012.  

However, the data indicates significantly lower relative numbers of infections in Korea since 2013, with the country currently at the bottom of the list of banking Trojan-infected countries in the region.

According to Kaspersky’s analysis, most other developed countries in the region show low statistics of banking Trojan detection too, but developing countries appear to have become, and have remained, a hot spot for criminals specialising in banking Trojan exploits since 2019.

In fact, the Philippines seems to have risen to the top of the regional pack in terms of banking Trojan attacks, with Cambodia and Vietnam also among those countries hardest hit in Southeast Asia.  

In terms of regional banking Trojan distribution in 2021 alone, the Philippines has logged the highest number of unique users attacked in APAC, at 22.26 per cent of all banking Trojans discovered in the region this year so far.

The Philippines was followed, respectively, by Bangladesh with 12.91 per cent, Cambodia with 7.16 per cent, Vietnam at 7.04 per cent, and Afghanistan, claiming 7.02 per cent.

Based on the analysis of almost 300 publicly reported financial sector cyber-incidents since 2007, the types of financial threat actors include non-state actors – typically cyber criminals – seeking personal gains and illegal profit; state-sponsored hackers; insiders; multiple actors – a combination of the other types; and ‘unknown’.

The unknown category, which simply refers to all cases where it wasn’t clear who was behind an attack, have been increasing.

“The proportion of the unknown has grown over time, which is an alarming trend,” Kamluk said. “With the growth of the number of attacks, there seems to be an alarming trend of financial institutions becoming less and less capable of identifying who attacked them.  

“The unknown, unidentified threat actors were behind 60 per cent of the attacks in 2020, but this number will likely grow up to 75 per cent this year,” he added.

In February, Kaspersky revealed research indicating that India, Indonesia and Malaysia were among the top 10 countries globally to have been hit by the greatest number of malware attacks by the SilentFade group during the month prior.

As reported by sister publication CSO, Facebook discovered the SilentFade malware family towards the end of 2018, with its origins traced back to 2016.

The SilentFade group initially made use of a combination of a Windows Trojan, browser injections, clever scripting, and a bug in the Facebook platform to deploy its malware

The security vendor said that its researchers had spotted a significant growth of the malware used by SilentFade, with the greatest number of incidents over the month of January detected in India, Brazil, Indonesia, Italy, Germany, Algeria, Malaysia, Russia, France and Egypt.

Internet Explorer Channel Network


LATEST NEWS

NEWS RELATED

Manila makes Microsoft move as digital ambitions become reality

Philippines’ capital city aims to leverage cloud technologies to “potentially empower” more than two million citizens post-pandemic.

Read more: Manila makes Microsoft move as digital ambitions become reality

PLDT builds first hyperscale data centre in the Philippines

The new green facility will serve growing hyperscale demand in the country’s enterprise sector.

Read more: PLDT builds first hyperscale data centre in the Philippines

PLDT to build hyperscaler data centre in the Philippines

Targets tech giants and cloud service providers expanding in the region.

Read more: PLDT to build hyperscaler data centre in the Philippines

Squid Game-themed apps pave way for hackers to snack on your data

Unlike Squid Game, investing is not generally a lose-everything scenario — although it can be if you put all your eggs in one basket: it was devastating for those who did so with Woodford. (Representative image: Reuters) Korean drama series Squid Game has racked up quite a following and has…

Read more: Squid Game-themed apps pave way for hackers to snack on your data

Phishing on YouTube creators: Google blames Russian attackers

The campaign was led by multiple hackers Google’s Threat Analysis Team has put out a detailed report, which tracks phishing campaigns that have targeted YouTube creators since late 2019. The team says that the actors behind the campaign were attributed to a group of individuals on a Russian forum and…

Read more: Phishing on YouTube creators: Google blames Russian attackers

"Stalkerware" putting personal data of smartphone users at risk: Report

A smartphonespyware has put personal data of hundreds of thousands of users at risk, like call records/recordings, text messages, photos, browsing history and precise geolocations, the media reported.The personal data can be pulled from a person’s phone because of a security issue in widely used consumer-grade stalkerware or spyware, reports…

Read more: "Stalkerware" putting personal data of smartphone users at risk: Report

India 6th most affected country by ransomware: Google

New Delhi: A Google report that analysed more than 80 million ransomware samples submitted over the last year and a half has revealed that India is at the sixth place in the list of 140 countries most affected by ransomware.Israel was far and away an outlier, with the highest number…

Read more: India 6th most affected country by ransomware: Google

Best free antivirus software for 2021

For years, if you wanted the best antivirus software, you had to pay for genuine protection and security. Any free antivirus software admittedly lacked some critical features, like fraud protection or link blocking. While some antivirus programs cost money, there are plenty of free options with fantastic features. You don’t…

Read more: Best free antivirus software for 2021

Apple explains why it can't go the ‘Google way' in apps

Google removes several stalkerware ads promoting spying on spouses

From Bitdefender to Sophos, how CSOs choose an endpoint protection suite

Android Users Warned Of Malware Disguised As Fake Security Updates

Fake Amnesty Anti Pegasus Antivirus Found to Actually be Sarwent Malware

New GriftHorse Android Trojan Affects 10 Million Mobile Users! Some of the 200 Infected Apps Bypass Google Play Store

How To Remove A Virus From An iPhone or iPad

Android Malware Uses COVID-19 Related SMS to Infect US, Canada Users—How it Works

OTHER NEWS