Bank data thieves switch from PC to Android smartphones

Cybercrime exists almost as much as high technology itself. If previously “under the blow” of the thieves of personal data and credit card information were PC users, as the most common group, now the attackers “evolved” after the market and switched to owners of Android devices.

According to data provided by Group-IB, the amount of stolen funds from bank accounts and plastic cards in the Russian Federation through Trojan infecting smartphones running the Android OS for the period from April 2015 to March 2016 amounted to 348.6 million rubles. Compared to the same period of 2014-2015, the amount of theft increased fivefold, Kommersant reports . At the same time, it is noted that the embezzlement of funds from users' accounts through a PC infection has “almost stopped”.
')
Why were only Android users under attack? According to statistics, the market share of devices running OS from Google is 86.2%, while the share of iOS - 12.9%.

The main method of attackers is disguising a Trojan for popular applications. During installation and attempting to run, the malware goes through all stages of obtaining access rights, receiving the necessary confirmation from the user. Since this procedure is the norm for many applications (especially for free ones), the modern average smartphone user, accustomed to working out-of-the-box applications and not paying attention to fine-tuning and protecting their personal data due attention, does not see anything suspicious in this behavior of the Trojan .

In August of this year, employees of the Ministry of Internal Affairs of the Russian Federation in the Tomsk Region detained a group of intruders who were infecting devices running Android OS. After installation, the Trojan application requested the data of a linked bank card, hid messages received from the bank and stole money from the account.

At the same time, a representative of Sberbank argues that among their clients such dynamics, as reported in the statistics of experts, are not observed. "Rather, the situation reached a plateau," quotes the words of Sberbank Kommersant. Kaspersky Lab expert Viktor Chebyshev notes that Russia leads in the number of attacks on Android devices: about 350 people suffer from the actions of intruders every day.

The increased activity of the intruders is associated not only with the growing number of mobile devices and the dominance of Android in the market, but also with the deeper penetration of mobile and Internet banking systems into society. Users are increasingly choosing non-cash payment for goods, services and bills using a bank card and the Internet than using cash. And if PCs already have a sufficient number of solutions to protect personal data from information security software vendors, and the level of computer literacy in an application to a PC is increasing everywhere, then smartphones are not so protected and the culture of their safe use is still low.

It should be noted that last year cryptoworm or ransomware came to the place of Trojans on a PC, encrypting programs that require a bitcoin ransom for decrypting data on a PC. Representatives of the corporate sector are most susceptible to such attacks - it is there that computers are often stored critical information for business, and if you incorrectly configure access rights, infection of one machine leads to encryption of data of the entire fleet of an organization's PC through a local network. Sometimes malware does not even encrypt, but simply deletes files , while demanding a ransom for "decryption". Also, ordinary PC users are victims of cryptographers, who have to pay to save their personal photo archive and documents, or hope for a decoder to appear.