Nokia Threat Intelligence Report finds Trojans infiltrate phones, find passwords and open doors
The popularity of mobile banking is making smartphones the easiest heist in cyber crime, says the Nokia 2021 Threat Intelligence Report. In an explanatory seminar Kevin McNamee, director of Nokia’s Threat Intelligence Centre, explained how fintech fraudsters are carrying out more online bank raids through handsets and tablets.
The incidents involving banking malware grew 80 per cent in six months in Nokia’s study sample. The report says malware is being used as a sort of two-factor scam with plots aimed at stealing personal banking credentials and credit card information.
The digital crime wave
The report is based on data aggregated from network traffic monitored on 200 million devices globally where Nokia’s NetGuard Endpoint Security product is used. The report’s figures for the first half of the year show an 80 per cent rise in the number of new banking trojans, year-on-year.
In October BT Security claimed its threat intelligence team had seen a 50 per cent increase in malware traffic over the last 6 months. The warning came as it announced the launch of Eagle-i – a cyber defence platform that’s fed BT’s global network insights and uses artificial intelligence (AI) to predict, detect and mitigate security threats.
BT keeps an eagle eye on crime
Banking trojans use a variety of new tricks to collect information, the report says. Trojan Horse software is being used to infiltrate the smart phone and steal SMS messages containing one-time passwords. The malware captures keystrokes, it then overlays bank login screens with its own transparent overlay, takes screen snapshots and even accesses Google Authenticator codes. Then it relays all the captured information back to the cyber bank robbers.
Banking malware had once been directed mostly at Android phones because of their ubiquity and developer openness. These factors helped make banking trojans among the most successful malware attacks in 2021, said Nokia. Now it is widening its scope.
Users don’t take malware threat seriously
The Threat Intelligence Report says the average banking app user’s failure to use two factor authentication is a major contributor, as is their willingness to use public wi-fi access points, as well as the use of predictable passwords.
Covid-19 related malware incidents in residential networks have levelled off at 2.5 per cent growth, after a peak in December 2020 of 3.2 per cent. “People are more aware of the threats posed by Covid-related cyber-attacks and are taking steps to secure their home working environment,” claimed Nokia’s release.
Mozi is the botnet di tutti botti
Internet of Things (IoT) botnets, comprising malware coded devices, are growing in size and sophistication, since there’s a huge target area of ‘smart’ fridges and video cameras for them to target. One gaining notoriety is Mozi, which uses a peer-to-peer command and control protocol. It actively scans the network and uses a suite of known vulnerabilities to exploit additional IoT devices. The Mozi has been used to create botnets consisting of around 500,000 individual devices.
IoT botnets are responsible for 32 per cent of the malware incidents detected by Nokia’s NetGuard Endpoint Security.
“Cybersecurity threats only evolve and look for new opportunities, as shown by this year’s report,” said McNamee. “This is a trend we see continuing into the future which reinforces the need for better online practices and having robust endpoint security.”