New research by Kaspersky Lab has revealed that banking Trojans are actively targeting online shoppers of popular consumer brands, stealing access credentials and other information exchanged through these sites. The attacks began to increase as the annual holiday shopping season began.
Kaspersky Lab’s technology detected 9.2 million attack attempts by the end of the third quarter of 2018, compared with 11.2 million attacks for the whole of 2017, and revealed a 34 percent rise in attacks by one family of malware.
Half of all e-shops attacked were famous fashion brands selling shoes, gifts and toys, as well as large department stores. The attacks targeted online shoppers in Italy, Germany, the United States, Russia and a number of emerging markets.
Banking Trojans usually target users of online financial services, searching for financial data to steal, or build botnets from compromised devices for future attacks. Many of these Trojans have extended their functionality over time, targeting online shoppers' data and gaining deep access to their devices.
The main malware families stealing data from customers of e-commerce brands included Betabot, Panda, Gozi, Zeus, Chthonic, TinyNuke, Gootkit2, IcedID and SpyEye (which is expected to be 34% more likely than 2017).
These Trojans target well-known e-commerce brands to harvest user credentials (login and password), credit card numbers, phone numbers and similar data by intercepting data entered on targeted sites, modifying web page content, or redirecting page visitors to phishing pages.
Key findings of Kaspersky Lab’s research report included:
- 50 percent of brands targeted by malware families are high-profile brands of fashion, shoes, jewelry, gifts, toys and supermarkets, followed by consumer brands (12 percent) and entertainment and gaming brands (12 percent).
- The study found 14 malware families targeting a total of 67 consumer e-commerce sites, including 33 clothing sites, eight consumer electronics sites, eight entertainment and gaming sites, three popular telecommunications sites, two online payment sites, three retail locations, and more.
- More than three million sets of e-commerce login credentials were found on sale in a marketplace that is easily accessible through Google’s search engine, and the highest prices appear to be charged for hacked merchant accounts.
The study found that among these families:
- The Betabot family, which targeted 46 different brands, including 16 clothing brands, four consumer electronics brands, eight entertainment and gaming brands, and 14.13 percent of users affected by malicious software targeted by this threat, Germany (6.04 percent), Russia (5.5 percent) and India (4.87 percent). The UAE and Turkey were among the target countries, with 3.13 percent and 2.81 percent, respectively.
- The Gozi family, which targeted 36 brands, including 19 clothing brands and three consumer electronics brands. Most of those affected were in Italy (19.57 percent of users affected by this threat), followed by Russia (13.89 percent), Brazil (11.96 percent) and France (5.91 percent). The list increased by 3.51 percent.
Yuri Namistnikov, a senior security researcher at Kaspersky Lab’s global research and analysis team, said banking malware is not new, but he explained that the presence of families of such software looking for data on online shopping accounts may be surprising.
“If a user’s computer is infected with a known trojan, criminals can steal the payment card data while entering the targeted store site, making it easier for criminals to steal money from a compromised card. Criminals can also use stolen accounts in money laundering schemes to buy products from a Web site using stolen credentials, so that the purchase looks as if it was made by a known customer, so no anti-fraud measures are launched and then they sell what they bought.”
He urged consumers and retailers to be more cautious about their security as the busiest shopping season of the year arrives, and to check the integrity of websites more than once before entering any data or downloading any files from them.
Kaspersky Lab recommends that consumers follow these steps to stay safe when shopping online:
- A robust and up-to-date security solution is essential for all devices used for online shopping. It is also important to avoid buying anything online from sites that do not look secure or that look like an incomplete version of a trusted website for a well-known brand.
- Do not click on unknown links in emails or messages in social networks, even those from known people, unless the message is expected.
E-commerce brands should:
- Use a reputable payment service and maintain an updated e-commerce platform and online payment system. Each new update may contain necessary fixes to make the system less vulnerable to hacking.
- Use a customized security solution to suit your business needs to protect your company and customers.
- Ensure the integrity of the personal information customers use in the purchasing process, and use a fraud prevention solution that can be adjusted to the nature of the company’s business and its customers.
- Make sure you do not keep too much money in your online payment account. The more money in the account, the higher its value to criminals.
- Limit the number of attempts associated with a transaction and use two-factor authentication options such as Verified by Visa, MasterCard Secure Code, and others.
The research study is based on data obtained with the consent of users and processed using the Kaspersky Security Network solution. It should be noted that all malware belonging to the Trojan families covered in the report is detected and blocked by Kaspersky Lab security solutions. More about the study, and a copy of the report entitled “warned buyers of Internet threats targeting e-commerce sites in 2018”, is available via the website.