Finance malware more common than ransomware; research
Research from Symantec reveals that while ransomware continues to earn attention, finance malware has caught up
Symantec has revealed that whilst ransomware continues to become more frequent, financial threat is also on the up rise.
In fact, it is 2.5 times more prevalent according to Symantec detection data.
Its research discovered that attackers study their victims' networks, such as the Dridex downloader, which checks for financial software packages before attackers manually access the computer to carry out fraudulent transactions. Other threats wait until the end of the month, when many businesses make bulk transactions, before adding their own fraudulent transaction or modify existing ones.
Furthermore, 38% of financial threats were detected in business locations, rather than retail customers. Even though such attacks are harder to carry out and take longer to prepare, they yield a much higher profit.
Symantec also found that attackers adapt quickly to new markets when current targets become saturated, too well protected or are no longer easily defrauded. The end user remains the weakest link in the chain, which means even the strongest technologies are susceptible to social engineering attacks.
From a global point of view, Asian markets most targeted by financial malware infections. Japan saw a spike in infections last year, with 37% of global detections, up from 3% in 2015 - by comparison, the U.S. made up 6% of global detections.
Symantec saw a large increase in financial Trojan detections across Asia with Japan, China and India notably gaining places in the top 10 list. The United Kingdom and Germany were also among the top ten countries targeted globally by financial Trojans. This shows that the attackers are expanding to new markets that are less saturated and less protected. On the other hand, the UAE ranked 33 in the global list.