Global cybersecurity firm Kaspersky found that the Philippines logged the highest number of banking Trojan attacks in the Asia Pacific (APAC) at 22.26%. This was discovered on the heels of widespread adoption of digital banking during the COVID-19 pandemic.
Kaspersky’s latest study “Mapping a secure path for the future of digital payments in APAC” also saw that the Philippines is ranked top in terms of e-cash adoption (digital payments) at 34%. Other countries that have been embracing cashless payments include India (23%), Australia (15%), Vietnam (14%), Indonesia (13%), and Thailand (13%). The lowest number of first-time online payment users are China (5%), South Korea (9%), and Malaysia (9%).
Other countries hit by the banking Trojan include Bangladesh (12.91%), Cambodia (7.16%), Vietnam (7.04%), and Afghanistan (7.02%).
“Data from our fresh research showed that cash is still king, at least for now, in APAC with 70% of the respondents still using physical notes for their day-to-day transactions,” Chris Connell, managing director for Asia Pacific at Kaspersky, during the company’s annual Cyber Security Weekend 2021 held virtually. “However, mobile payment and mobile banking applications are not far behind with 58% and 52% users utilizing these platforms at least once a week up to more than once a day for their finance-related tasks. From these solid statistics, we can infer that the pandemic has triggered more people to dip their toes into the digital economy, which may fully dethrone cash use here in the next three to five years.”
Tomiris backdoor likely linked to Dark Halo — Kaspersky
Kaspersky reveals FinFisher spyware effectively evades detection
With this uptick in digital payment adoptions come also a significant rise in banking Trojans in APAC. These findings come from Kaspersky Security Network’s (KSN) during the course of the pandemic.
According to Kaspersky, banking Trojans are one of the “most dangerous species” in the malware world because they are used to steal money from users’ bank accounts. Once the malware infected the networks, it now has access to bank clients’ credentials such as one-time passwords of online bank accounts. The malware can manipulate the user and hijack control for the live online banking session from the legitimate owner.
“Banking Trojans were not the biggest concern of many countries in APAC until 2019 when an outbreak of infections appeared in multiple countries at once,” explained Vitaly Kamluk, director of Global Research & Analysis Team (GReAT) for APAC at Kaspersky. “From then on there was no looking back. Our telemetry shows that this malicious threat has grown in terms of detections and reach. We see that it will continue to pose a significant threat to both financial organizations and individuals here as we continue to see more users and startups dipping their feet into the digital payments field.”
To better secure companies and individuals against these known and unknown cybercriminals, Kamluk shares the following reminders:
For financial organizations and enterprises, in general:
- Defend your perimeter with a reliable vendor
- Run cybersecurity drills
- Verify your supply chain software
- Monitor the latest trends and attacks
- Motivate staff to report suspicious findings and contacts
- Update your software regularly
- Pay attention to security software alerts
- Be more suspicious in communication
- Use complex passwords and 2FA
- Use hardware digital wallets and diligently follow its security protocols
- Install a reliable security solution for your devices – including mobile phones