The covid-19 pandemic has drastically changed multiple aspects of human lives globally and in Asia Pacific (APAC). One of its most evident effect is the significant uptick of digital payment adoption in the region. Several reports have already put out the numbers to prove this trend, but what about its tangible effects on the cybersecurity landscape of the financial sector?
After analysing the historical data from Kaspersky Security Network’s (KSN), Vitaly Kamluk, director of Global Research & Analysis Team (GReAT) for APAC at Kaspersky, discovered that the increased cashless payments in APAC has paralleled the rise of banking Trojans in the region. “Even before Covid-19, Asia Pacific has always been one of the leaders in digital payment adoption, driven by countries such as China, Japan, South Korea and even India.
This pandemic extended the use of this technology significantly further—particularly in still emerging economies in Southeast Asia and South Asia,” says Kamluk. “As we all know, the lockdown restrictions forced everyone to shift their financial transactions online. But, now, after analysing the historical figures we have on financial threats, I also learned that there was another outbreak that started in early 2019 in APAC—banking Trojans.”
Banking Trojans are one of the most dangerous species in the malware world. To put it simply, they are used to steal money from users’ bank accounts. The goal of this malware is either to obtain access credentials or one-time passwords to online bank accounts or to manipulate the user and hijack control for the live online banking session from the legitimate owner.
With uptick of online payment usage and the still-needing-improvement consumer attitudes towards protecting their devices, banking Trojan is among the most impactful malware for home users. In terms of regional distribution, the Philippines logged the highest number of unique users attacked in APAC at 22.26% of all banking Trojans discovered in the region, followed by Bangladesh (12.91%), Cambodia (7.16%), Vietnam (7.04%) and Afghanistan (7.02%).
“The proportion of the unknown has grown over time, which is an alarming trend. With the growth of the number of attacks, there seems to be an alarming trend of financial institutions becoming less and less capable of identifying who attacked them. The unknown, unidentified threat actors were behind 60% of the attacks in 2020, but this number will likely grow up to 75% this year,” he says.