Although the number of attacks on mobile devices declined last year, Kaspersky says that is no cause for rejoicing. Indeed, the cybersecurity company actually warns that cybercriminals are combining their efforts to create more dangerous and profitable threats. "New mobile malware has become increasingly complex, with new ways to steal users' banking and gaming credentials, as well as other components of personal data."
Kaspersky's Mobile Threats in 2021 report shows that there were "only" 46 million cyberattacks in 2021 (up from 63 million in 2020). The researchers attribute this development in part to the beginning of the lockdown, when users were forced to work from home. As more video conferencing and entertainment apps were used at the time, the volume and spread of attack opportunities increased significantly. Now that the corona situation has stabilized, cyber activities have also declined.
Nevertheless, Kaspersky should not be complacent just yet. In fact, 3.5 million malicious programs were detected in 2021, which ultimately led to 46.2 million attacks. Moreover, 80% of the attacks were carried out by malware rather than adware (software that intrusively displays ads) or RiskTools (programs with various functions, such as hiding themselves from the screen).
In addition, the number of attacks involving banking trojans - programs designed to steal banking data - has accelerated. The survey found that there were nearly 2.4 million trojan attacks in 2021 (only 600,000 fewer than in 2020). In addition, cybercriminals upgraded their banking trojans. Kaspersky detected more than 95,000 new versions last year, most of which had "enhanced capabilities.
For example, the enhanced "Fakecalls banking trojan" is now capable of taking over calls when users try to contact the bank, replacing audio recordings with recorded answers from the operator. In this way, consumers are tricked into thinking they are talking to a real bank employee or the standard robotic answering machine, unintentionally sharing sensitive information with the attackers.
Other malware takes an even more subtle approach: for example, the "Sova banking trojan" is capable of stealing users' cookies to access personal accounts in mobile banking apps, without the need to know login and password information.
Finally, the study shows that cybercriminals are increasingly going after mobile gaming login data. These are often later sold on the darknet or used to steal (and later resell) in-game stuff from users. For example, the first mobile trojan of the "Gamethief" type stole login credentials for the mobile version of the shooting game PUBG.
According to Jornt van der Wiel, security researcher at Kaspersky, there are indeed fewer mobile attacks, but they have increased in complexity and are therefore harder to spot. "Cybercriminals tend to hide malicious apps under the guise of legitimate applications, which can often be downloaded from official app stores."
"On top of that, mobile banking and payment apps are becoming more widespread, making it more likely that cybercriminals will more actively target them. Staying careful on the Internet and avoiding downloading unknown apps is a good habit, but I also strongly recommend using a trusted solution. Especially when it comes to securing finances, it is better to err on the side of caution.
