US bank fended off 513 trojans last year alone
Even after all these years, it pays to beware of geeks bearing code
The most beleaguered bank in the United States was hit with 513 financial trojans last year, says Symantec threat bod Candid Wueest.
The unnamed bank and Symantec customer was in the crosshairs of 78.2 percent of all financial trojans seen by the security firm last year.
It is unknown if any of the malware samples gained a foothold in the bank's networks.
The bruised bank is but one of 547 organisations and Symantec clients to have been hit with some of the 656 trojans seen by the firm.
The bank would be lucky to survive unscathed; Wueest says criminals are using less diverse but much more capable trojans, a trend so strong that the number of different trojans fell 75 percent last year compared to 2014.
"Fluctuations are partially due to takedowns, arrests, and the efficacy of different trojan families," Wueest says.
"Although there was a significant drop in financial trojan detections, the prevalent malware families have become far more capable."
Malware writers are also preferring to target banks directly, rather than popping scores of users.
Phishing is still the perennial preferred method to gain a network foothold, however.
United States businesses were the most trojan-targeted in the world with Symantec logging 141 organisations, followed by Germany, and India.
The malware natural selection meant the dominant trojans targeted an average of 93 organisations last year, up a whopping 232 percent on 2014.
The figures are also likely influenced by the rise of ransomware which is luring money-hungry malware writers away from banking trojans.
Wueest also calls out improvements to security software in helping to defend users. ®
- Black Hat
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Identity Theft
- Kenna Security
- Palo Alto Networks
- Trusted Platform Module
- Zero trust