Report: Banking Malware Attacks Targets Corporate Users


By Emma Okonji

The recent malware report from Kaspersky showed that in 2019, 773,943 users of the company’s solutions globally were attacked by banking Trojans. Of those users, a third, which was about 35.1 per cent were in the corporate sector, according to the report.

It stated that in Africa, almost every hundredth user varying from 0.9 per cent to one per cent in Nigeria, South Africa, Ethiopia, and Kenya were attacked by banking Trojans at least once during the past year.

According to the report, ‘Banking Trojans,’ were one of the most widespread tools for cybercriminals as they focused on stealing money.
It stated that the Trojans also known as ‘Bankers’ usually search for users’ credentials for e-payment and online banking systems, hijacking one-time passwords, and then passing that data to the attackers.

Furthermore, the report stated that a third of the attacks in 2019 targeted corporate users, which saw an increase from the figure of 24 per cent to 25 per cent that has remained fairly consistent for the previous three years. According to experts, the rationale for this showed clear attacks on the B2B sector that could not only provide access to banking or payment system accounts, but through employee exposure, could also compromise a company’s financial resources.

The collected data also showed that Ethiopia had the largest share of corporate users among those who are targeted by banking malware in African regions, which reached 71 per cent in 2019, a situation that revealed that almost two thirds of banking malware attacks in the country were aimed at the corporate sector. The country was closely followed by South Africa, where this figure was significantly smaller and could be compared to the global number, reaching 30 per cent.

The report stated that Nigeria and Kenya however, saw this parameter lower than average, with approximately a fifth, which is about 22,5 per cent of banking malware attacks in Kenya targeting corporate devices, compared to 13 per cent in Nigeria.

Analysing the report, a security expert at Kaspersky, Oleg Kupreev, said: “While the overall number of attacks with bankers decreased in 2019, the growing interest for corporate users’ credentials indicates we are not yet seeing respite from financial threats. “We therefore ask everyone to stay cautious when conducting financial operations online from personal computers (PCs.) While we are in the current peak of remote working during the Coronavirus pandemic, it is especially important not to underestimate criminals’ desire for stealing money.”
According to him, in 2019, the share of financial phishing increased from 44.7 per cent of all phishing detections to 51.4 per cent.”