Hacking into a consumer bank account is the holy grail for hackers, and now, they have a new way to do it: via mobile phones. That’s according to a report which said malicious software programs, carrying names like Acecard and GM Bot, are being used more by criminals as they look for new ways to infiltrate the financial services industry. The hackers are using the malicious software programs to steal the banking credentials of consumers when they log into their bank accounts using their mobile phones.
According to the report, Richard Jacobs, an assistant special agent in charge who handles cybercrimes at the FBI, said the government agency is seeing malware that is specifically targeted at banking apps and is for the sole purpose of stealing account credentials. Jacobs told The Wall Street Journal he is trying to clue the financial industry into the new trend, which right now is largely aimed at big banks. In April, the Federal Financial Institutions Examination Council, which brings together five banking regulatory bodies, updated the guidance it gives banks to include threats to the financial services industry via mobile phone malware.
The threat, which is growing, marks a new way for criminals to steal the banking credentials of consumers. In the past, they largely relied on other methods, including installing skimmers on ATMs or using email and other PC scams aimed at getting consumers to click on fake links and give up their logins and passwords. What’s more, WSJ noted the slew of credit card breaches during the past few years has resulted in a glut of stolen credit card numbers that are being sold on dark websites for as cheap as $1 each. That makes the credit card numbers less profitable for hackers, forcing them to look elsewhere.