CYBERSECURITY | Kaspersky warns of surge of banking Trojans in APAC
For Asia-Pacific (APAC), one of the most evident aftermaths of COVID-19 is the significant uptick of digital payment adoption in the region.
Fingerprint login authorization and cyber security concept. Blue integrated circuit with locks on background. Control access and authentication online.
The COVID-19 pandemic has drastically changed the way people live and triggered a mad rush for companies—big and small—to adopt and use technology to mitigate the effects of the health crisis and remain afloat.
For Asia-Pacific (APAC), one of the most evident aftermaths of COVID-19 is the significant uptick of digital payment adoption in the region.
However, Vitaly Kamluk, director of Global Research & Analysis Team for APAC at Kaspersky, said that the increased cashless payments in APAC have paralleled the rise of banking Trojans in the region.
“Even before COVID-19, Asia-Pacific has always been one of the leaders in digital payment adoption, driven by developed countries like China, Japan, South Korea, and even India. This pandemic extended the use of this technology significantly further – particularly in still emerging economies in Southeast Asia and South Asia. As we all know, the lockdown restrictions forced everyone to shift their financial transactions online,” Kamluk said.
The executive said after analyzing the historical figures the company has on financial threats, “I also learned that there was another outbreak that started in early 2019 in APAC–banking Trojans.”
Kamluk said banking Trojans are one of the most dangerous species in the malware world. To
put it simply, they are used to steal money from users’ bank accounts.
The goal of this malware is either to obtain access credentials or one-time passwords to online bank accounts or to manipulate the user and hijack control for the live online banking session from the legitimate owner.
Due to the uptick of online payment usage and the still-needing-improvement consumer attitudes towards protecting their devices, banking Trojan is among the most impactful malware for home users.
Kaspersky said a decade-long historical data analysis showed that South Korea was among the pioneer countries in APAC that suffered from banking Trojans throughout 2011-2012.
However, since 2013 it showed significantly low relative numbers of infections and currently is at the bottom of the list of banking Trojans infected countries in the region.
Most of the other developed countries show low statistics of banking Trojans detection too, while developing countries seem to have become and remain a hot spot for the criminals since 2019.
“Banking Trojans were not the biggest concern of many countries in APAC until 2019 when an outbreak of infections appeared in multiple countries at once. From then on there was no looking back. Our telemetry shows that this malicious threat has grown in terms of detections and reach. We see that it will continue to pose a significant threat to both financial organizations and individuals here as we continue to see more users and startups dipping their feet into the digital payments field,” Kamluk added.
In terms of regional distribution, the Philippines logged the highest number of unique users attacked in APAC at 22.26% of all banking Trojans discovered in the region, followed by Bangladesh (12.91%), Cambodia (7.16%), Vietnam (7.04%), and Afghanistan (7.02%).
To better secure companies and individuals against these cyberthreats, Kamluk said financial organizations and enterprises can tap a reliable vendor to provide security; run cybersecurity drills; verify the supply chain software; monitor the latest trends and attacks; and motivate staff to report suspicious findings.
