With the start of the most important season of the year for purchases, in view of Christmas, a new search by Kaspersky Lab shows that bank trojans are actively targeting users of well-known consumer brands, stealing credentials and other information through their sites. Kaspersky Lab's technologies detected 9.2 million attempts at attack by the end of the third quarter of 2018, an important figure compared to 11.2 million in the whole of 2017. An increase was recorded above all in malware, around at 34%. Half of all the online stores attached are well-known brands of consumer clothing and fashion brands, footwear, gifts, toys and big chains. Italian digital consumers, together with German, American, Russian and emerging countries,
Usually bank trojans have the main objectives of users of online financial services; among their purposes there is the search for bank data to steal or the creation of botnets through compromised devices, to carry out attacks in the future. Over time, the functionality of many of these bank trojans has improved, as has evolved their ability to reach data and digital consumer credentials, in order to gain access to their devices via permits. root.
The main malware families that rob victims through e-commerce are Betabot, Panda, Gozi, Zeus, Chthonic, TinyNuke, Gootkit 2, IcedID and SpyEye (according to surveys, an increase of 34% compared to 2017). Trojans target well-known e-commerce brands looking for user credentials such as logins, passwords, credit card numbers, phone numbers and other data. Information theft occurs by intercepting input data on targeted sites, modifying the content of the online page and / or redirecting users to phishing pages.
The research shows that:
- Half (50%) of brands targeted by detected malware families are well-known brands in the world of clothing, footwear, jewelry, gifts, toys and big chains, followed by the names of consumer electronics and the entertainment / gaming sector (both at 12%).
- Overall, the research detected 14 malware families that targeted a total of 67 e-commerce sites, including 33 consumer clothing sites, 8 electronics, 8 entertainment / gaming / gaming, 3 known telecommunications sites, 2 sites for digital payments and 3 online retail platforms, among others.
Considering the malware families it emerged that:
- Betabot has targeted 46 different brands, including 16 clothing channels, 4 consumer electronics and 8 entertainment / gaming; most of those attacked were registered in Italy (14.13% of users affected by malware were affected by this threat), Germany (6.04%), Russia (5.5%) and India (4.87%).
- Gozi focused on 36 brands in particular, including 19 online clothing shops and 3 electronics stores; also in this case Italy recorded the highest percentage of users affected (19.57% of those reached by malware), together with Russia (13.89%), Brazil (11.96%) and France (5.91%).
- Over three million sets of e-commerce credentials have been found for sale on marketplaces that are easily accessible through the Google search engine. The highest prices are reserved for those sets that seem to refer to hacked merchant accounts.
To shop online safely, Kaspersky Lab recommends:
Whom to buy:
- To adopt a robust and up-to-date security solution, a must have for all the devices you use to make online purchases. We do not recommend that you make purchases from websites that are potentially dangerous or resemble trustworthy but incomplete websites.
- Do not click on unknown links in emails or on social media, even if they come from known people, unless the message has not been anticipated.
To those who sell online
- To use reliable payment services and keep the online trading and payment platform software up-to-date. Each new update can contain important patches to make the system less vulnerable to cybercrime attacks.
- To use a tailor-made security solution to protect your company and its customers.
- To pay attention to the personal information used by customers to purchase on a given site. It is essential to use a ' fraud prevention ' solution that can adapt to your company profile and that of your customers.
- Always monitor the buying habits of those who buy online. The higher the difference from a standard transaction of that specific user, the greater the possibility that there will be some attackers in action.
- To limit the number of tempting transactions and to always use two-factor authentication (Verified by Visa, MasterCard Secure Code and so on).
The research conducted by Kaspersky Lab is based on data obtained with user consent and processed using Kaspersky Security Network (KSN). All malware belonging to the group of bank Trojans and treated in the report were detected and blocked by Kaspersky Lab's security solutions.