Banking trojans are becoming popular with cyber-crooks

Oct 26, 2015 09:49 GMT  ·  By

Security researchers at G DATA are reporting that, during the first half of 2015, they discovered 12 new malware types a minute.

The revelation is somewhat consistent with another recent PandaLabs report, which found 21 million new strands of malware between April and June, coming down to 230,000 per day, 9,500 per hour, 160 per minute, and 2.66 per second.

According to G DATA's own findings, the company saw 3,045,722 new malware types, 26.6% higher than in the second half of 2014, and 64.8% higher than in the first half of 2014.

Most malware attacks were adware and PUPs

The most encountered attack types were relatively harmless adware and PUPs (Potentially Unwanted Programs), with the most common malware families being Dealply and Graftor.

The majority of attacks were hosted on websites from the healthcare sector, followed by those in the technology and telecommunications sectors, by pornography websites, games, and personal blogs.

Pornography websites are a surprise entry in the list, but not for us in the infosec community, since we've observed various major malvertising campaigns during the past few months.

Most malicious websites hosted in the US

The majority of malicious websites from which attacks were started were hosted in the US, which makes sense, since most data centers are in the US, followed by China, France, and the Ukraine.

A worrying trend was also observed by G DATA experts, which saw an increase in banking trojan usage, and more specifically of Swatbanker, mostly used during February, March, and April.

Most of the victims targeted by banking trojans lived in the US, UK, Germany, Poland, and Austria. On the other hand, users of Wells Fargo, HSBC, Lloyds Bank, Barclays, and RBS were the most targeted during the first half of 2015.

“About three-quarters of Internet users are conducting their financial transactions online, and cybercriminals have recognized this huge opportunity for malicious attacks,” says Andy Hayter, Security Evangelist at G DATA. “Not surprisingly, because of this, we’re seeing a significant increase in attacks from banking Trojans for the first time since 2012.”

Malware evolution during the past years
Malware evolution during the past years

G DATA Biannual Malware Report (4 Images)

Sectors from where attacks were launched
Malware evolution during the past yearsHost countries for most attacks
+1more