Publications
Partners
Cape Town – Cyber criminals have updated mobile malicious software to steal financial information, according to an internet security company.
On Monday, Kaspersky Lab reported that Trojan malware Asacub had been updated with the ability to steal financial data related to online banking.
“In autumn 2015 Kaspersky Lab’s experts discovered several new versions of the Asacub Trojan which confirmed its transformation into a tool for stealing money, with the new version equipped with phishing pages mimicking log-in pages of banking applications,” the company said in a statement.
Kaspersky added that the functionality of the malware has pushed into the firm’s top 10 most prevalent malicious programs targeting finances.
“These new versions also contained a new set of functions including call redirection and sending USSD requests (a special service for interactive non-voice and non-SMS communications between the user and cellular provider), which made Asacub a very powerful tool for financial fraud,” Kaspersky said.
READ: Cyber scammers blow holes in SA wallets
Analysis of the malware revealed links to other known malicious programs.
“When analysing this Trojan, we found that the Asacub malware has connections to criminals with links to a Windows-based spyware called CoreBot. The domain used by Asacub’s Command&Control centre is registered to the same person as tens of domains that were used by Corebot,” said Roman Unuchek, senior malware analyst at Kaspersky Lab US.
“It is therefore highly likely that these two types of malware are being developed or used by the same gang, who see huge value and criminal gain in exploiting mobile banking users,” Unuchek added.
- Follow Duncan on Twitter
