Fewer financial Trojan infections, but ‘threat far from neutralised’

The successful takedown of the group behind the Dyre Trojan likely contributed to the decrease in threat detections in 2015, reports Symantec.

There was a 73% drop in 2015 in the number of financial Trojan infections, reports Symantec, but the US security products specialist warns that any celebrations are likely to be premature as “the threat is far from neutralised”.

“Financial Trojans are becoming far more capable and criminals are increasingly targeting institutions directly,” the group stated. “With the announcement of Android Pay yesterday, more people than ever will be able to pay for goods and services using just their phone, increasing the risk for both businesses and consumers.”

Candid Wueest, principal software engineer at Symantec, commented on cybercriminal activity: “The tactics are simple: through classical attack methods like spear-phishing, the targeted financial institution is compromised and a foothold is established.

“Once inside the financial institution’s network, the attacker can wait and learn how to transfer money, issue fraudulent transactions, or orchestrate automated teller machines (ATMs) to dispense cash.”

The US remained the country most affected by financial Trojans worldwide in 2015, targeted with 145,000 in total. Germany ranked second with 113,000, having moved up from fourth in 2013 and third in 2014. Last year’s ‘top five’ was completed by India (63,000), Japan (50,000) and the UK, which was targeted with 42,000 financial Trojans.

Symantec’s research shows that infections from the Dridex banking Trojan increased by 107% in 2015, making it the fastest growing family of financial Trojans last year.

In more positive news, Symantec reports that “the highly successful takedown of the group behind the Dyre Trojan likely contributed to the decrease in threat detections.

“Individual and organisational use of multi-layer protection also factored into the drop in detections since infections were blocked early in the chain,” the group adds.
