-
An adaptation of the Zeus malware kit targets job seekers and dupes them into funneling cash from a victim's bank account into criminals' pockets.
June 19 -
Hackers' use of a social network evolution of the Zeus malware has made a comeback in the first half the year.
June 12 -
An RSA cybercrime expert walks us through a typical online/mobile banking attack with a new twist: an SMS forwarder that steals authentication codes.
June 10 -
As apps shrink the gap between financial firms and their customers, banks are coping with new and growing risks that accompany mobile devices.
May 31
The latest reason for banks to provide security for their mobile banking users: mobile malware attacks have increased more than six-fold in the past year, according to a recent survey from Juniper Networks.
The network security company analyzed data from the 12 months that ended this March and found the total number of malicious apps has grown to 276,000. Three quarters of that software is some type of SMS Trojan, says Troy Vennon, director of Juniper Networks' mobile threat center.
This type of malware is typically embedded in a benign-looking smartphone app (think of an alarm clock app) and sends a text message in the background to a premium service (such as a ring tone) that then charges that person a fee.
"Malware development is picking up, it's not slowing down," says Vennon. "A business case has emerged for malware developers -- for a majority of them. They found a way to monetize [their wares] via SMS."
These Trojans are usually hidden in third-party app stores that aren't controlled by Google or another mobile platform operator. But the code can sometimes be embedded in popular apps on the Google Play Store as well, says Vennon.
A majority of this software is being created in Russia or China, he adds, and is primarily written around the holiday season from October to January.
For banks, the study serves as a reminder that customers are vulnerable to the whims of malware designers that are nefariously working to scam victims.
Banks can of course build rules into their risk analytics software that might catch increases in cell charges. But in the end, the dispute lies with the cell phone carrier.