PH registers highest attack from banking Trojans


Increased cashless payments in Asia Pacific (APAC) during the pandemic made the region a hotspot for banking Trojans, one of the most dangerous malware used to steal money from users’ bank accounts.

And the Philippines logged the highest number of unique users attacked in APAC by all banking Trojans discovered in the region, at 22.26 percent, according to the latest data from cybersecurity firm Kaspersky.

Bangladesh came in second, with 12.91 percent; Cambodia third, at 7.16 percent; Vietnam, fourth, at 7.04 percent; and Afghanistan, fifth, at 7.02 percent.

The attacks were of utmost concern since electronic payments has become a key pillar of the digital economy in pandemic times.

APAC is also the largest contributor to global payments revenue, with analysts expecting the sector to exceed $1 trillion revenue by 2022 or 2023.

“Even before COVID-19, Asia Pacific has always been one of the leaders in digital payment adoption, driven by developed countries like China, Japan, South Korea, and even India. This pandemic extended the use of this technology significantly further – particularly in still emerging economies in Southeast Asia and South Asia," Vitaly Kamluk, Kaspersky's director of Global Research & Analysis Team (GReAT) for APAC said.

Lockdown restrictions forced everyone to shift their financial transactions online and the outbreak of banking Trojans started in the region by early 2019.

Banking Trojans obtain access credentials or one-time passwords to online bank accounts or to manipulate the user and hijack control for the live online banking session from the legitimate owner.

Due to the uptick of online payment usage and the still-needing-improvement consumer attitudes towards protecting their devices, banking Trojan is among the most impactful malware for home users.

“Banking Trojans were not the biggest concern of many countries in APAC until 2019 when an outbreak of infections appeared in multiple countries at once," Kamluk said.

"From then on there was no looking back. Our telemetry shows that this malicious threat has grown in terms of detections and reach," he warned.

Worse, "We see that it will continue to pose a significant threat to both financial organizations and individuals here as we continue to see more users and startups dipping their feet into the digital payments field,” he added.

Kaspersky also listed other types of financial threat actors, based on an analysis of almost 300 publicly reported financial sector cyber-incidents since 2007.

These include non-state actors (cybercriminals) – individuals or criminal groups seeking personal gains and illegal profit.

Often interested in unauthorized access to sensitive payment processing systems, ATM networks, but also running blackmailing after ransomware attack or DDoS.

The result of such attacks are either disruption of business operations or money theft.