Are Banks Equipped To Tackle Banking Malware?

While banks and security companies may be putting up their best efforts to fight off cyberthreats, the infection rates of banking Trojans remain on the rise, ZDNet reported Thursday (Jan. 7).

Morten Kjaersgaard, CEO of Danish security company Heimdal, told ZDNet the usage of the Dyreza Trojan has risen sharply, while the most common banking malware Tinba still holds the top spot.

“We’re seeing an infection rate averaging about 1,000 machines per day for Tinba alone,” he explained to ZDNet. “Tinba is the most widely spread, but Dyreza is the most used.”

Using an attack style known as “man in the browser,” the Dyreza Trojan lurks within a system’s browser processers to monitor connections to domains and steal the credentials typed in by the user, ZDNet reported. Tinba, while much smaller in size, uses similar tactics to steal data and bypass the two-factor authentication many webpages use to secure access.

“Banking Trojans constantly evolve to fit the banking space, making sure that they can circumvent two-factor authentication,” Kjaersgaard added.

“The biggest evolution for the banking Trojan, in my view, will be gaining access to the system, creating the infection. Once inside, the malware can easily morph to adapt to the banking environment. So, that’s a secondary concern for malware makers.”

A study last year from SecurityScorecard revealed that malware is getting more sophisticated and tougher to block.

A report by CIO delves into the details of the study, which explains that the sheer volume of types of malware are making it harder for companies to keep up with and that malware will only get worse.

The study discovered that more than 4,700 companies had suffered from some sort of banking malware — leaving many banks open to the possibility of attack. The report also details data about computers that may be part of a “network of infected machines, known as a botnet.” The study found nearly 12,000 infections across those impacted organizations.