Symantec has seen an increase in cyber criminals directly attacking financial institutions such as banks using Trojans.
“Although such targets are harder to compromise than a home user’s computer, if the attack is successful it can potentially yield much higher profits with larger transaction values,” the security vendor said in its Financial Threats 2015 report, which focusses on Trojans targeting the sector. The report was released overnight.
The financial sector was the target of 40.2 per cent of so-called spear-phishing attacks (the term used to describe tailored phishing attempts) recorded by Symantec in January 2016.
“This underlines the high level of interest from attackers to infiltrate financial institutions and profit from the large numbers of financial transactions that flow through them,” the report stated.
As an example Symantec cites the so-called ‘Carbanak’ group which plundered up to US$1 billion from banks in 25 nations over two years.
“This is a skilled group of attackers, capable of gaining a foothold on the networks of targeted banks through malware hidden in spear-phishing emails,” the report states.
“Once inside, the group patiently and stealthily move across the network of a bank, gathering intelligence and compromising enough computers until it has the resources and intelligence to launch a successful attack.”
Symantec said that the number of financial Trojans detected in 2015 had dropped 73 per cent compared to the prior year. The main way of distributing the malware remained email attachments.
The security vendor said that the 656 financial Trojans it analysed targeted 547 institutions in 49 countries. Each sample on average targeted 93 organisations, up 232 per cent on the prior year.
Only one Australian bank, which Symantec didn’t name, made the list of the top 20 targets of financial Trojans. It was targeted by 54.73 per cent of the Trojans analysed.