Losses of Russians from the new virus will amount to millions of dollars.
Loss of Bank customers from a new Trojan stealing data from cards will be $40 million in the case of its distribution in Australia, New Zealand and Turkey (target of hackers). If the banking Trojan comes to Russia, the loss of citizens will reach $5 million This follows from the calculations that specially for “Izvestia” was prepared by company Zecurion. According to the head of Zecurion Analytics of Vladimir Ulyanov, the spread of a new banking Trojan possible after its appearance on the black market, where successfully sold and malware, stealing Bank card data from customers.
New Bank Trojan — Spy.Agent.SI — has become known recently from the company ESET. The company’s specialists have warned that the program is able successfully to circumvent two-factor authentication and steal the credentials of users of mobile banking applications. Using the stolen information, the perpetrators can gain remote access to the personal account of the victim (on the website of the Bank) and withdraw all funds from the account. Parallel to the Trojan intercepts SMS with one-time passwords sent by banks to confirm transactions.
“Trojan is disguised as a mobile app Flash Player — the message ESET. — Once downloaded and installed, the malware prompts for the administrator functions of the device to protect it from being deleted from your smartphone or tablet. Next, the Trojan checks the gadget on the availability of banking applications. If available, the Trojan downloads from a malicious server a fake authorization page for each program. When you run any banking apps on the device displays a false log-in screen and password, blocking the real login page to enter credentials. Spy.Agent.SI is developing rapidly, and to detect each new modification is becoming increasingly difficult. The task for the developers of the virus are banks of Australia, New Zealand and Turkey.”
Journalist Maxim Sokolov – about the similarity of the famous Russian-Ukrainian TV presenter with Goebbels and the problem of loyalty in the twenty-first century
According to Vladimir Ulyanov, successful malware sell well on the black market and can be readily adapted to specific customers. So, on the affected list may soon be Russian banks, he said. For example, with the Tyupkin virus, which came in March 2015 to Russia from USA (http://izvestia.ru/news/584338).
— If Trojan will be available on the black market, it is highly likely it will appear in Russia. Under favorable for the distributors of the malware scenario, the losses to the customers of Russian banks will amount to $5 million (given the prevalence of mobile Bank in the country), — the diplomat noted.
Head of IT Department Modelbank Ilya Titov sure that the Trojan Spy.Agent.SI will soon appear in Russia. According to the interlocutor, “it’s a matter of 1-2 months”.
— We fix the new versions of malicious programs, almost every month, says the head of the investigations division and service of Cyberathlete Group-IB Dmitry Volkov. They are sold on hacker forums. Users download and install such Trojans. Attackers basically send out SMS on behalf of social networks or well-known portals with links to download such malware, but sometimes they buy ad space in search engines. Of course, such malicious advertising also leads to a bogus website where the visitors are offered to download a Trojan.
According to the expert of Department of audit of security Digital Security Sergei Belov, the trick with Flash Player very captivating users.
Many owners of Android phones would normally play flash games and videos on the site, but this is impossible due to several technical limitations, especially on older device models, the source said. — So do not try to download and install on your phone is similar to solutions used for masking the virus. Max, you can download a special browser only from the official Google Play store that allows you to play flash videos using their remote rendering on the server developers (but will still be delays, including with sound) or just leave this idea and use flash only with PC resources. It is good that the General trend in the world of technology is going to reduce flash and transition to HTML5, which is already partially works on mobile devices, including those based on Android.
Belov also noted that banks are beginning to integrate antivirus software into your mobile apps.
It may help with the problem, but to protect their clients, if the person himself prefers and to ignore all warnings from the Bank, it is impossible, — the expert said.
Leading expert on information security InfoWatch Maria Voronova notes that the surest way to protect the client side is to prevent transmission to their devices, that is, to comply with “hygienic” or basic protection measures: do not go for unknown links, download and run applications from unverified sources.
The antivirus is also extremely desirable, — said the interlocutor. It is important to understand that if the device is infected, if on the side of the Bank’s additional remedies are not implemented, the probability of theft of money from the account. Can also save the separation devices: one may use the mobile Bank, and the second phone may receive SMS. It is inconvenient and rarely used, but increases the safety — the idea is that even if your phone is infected and is attempting to conduct fraudulent transactions, with one-time SMS code will come in second, not infected, phone. Well, on the side of banks, the most effective safeguard is a “fraud” of mobile payments, there is automated checking of the flow of payments and identification according to certain rules, suspicious transactions, and their subsequent confirmation.
