Chapter 1: The Shift in Cybercrime Focus

In recent times, hackers have intensified their focus on more serious and lucrative targets. According to Kaspersky, new mobile malware is becoming increasingly sophisticated, providing fresh avenues for stealing users' banking and gaming credentials, as well as other personal data.

Last year alone, Kaspersky detected over 95,000 new mobile banking Trojans. The segment of Trojans—malicious software capable of executing remote commands—saw a significant increase, reaching 8.8% in 2021. While the overall number of attacks on mobile users globally has decreased, with 46 million incidents reported in 2021 compared to 63 million in 2020, experts believe this decline is linked to the surge of cyberattacks observed during the initial lockdown phase when many were forced to work from home.

This stabilization in cybercrime trends should not lead to complacency. In 2021, 3.5 million malicious installation packages were identified, leading to 46.2 million global attacks. Alarmingly, the number of assaults targeting banking systems remains high, as Trojans continue to evolve to capture user credentials for future fraud. In total, there were 2.367 million targeted attacks last year, which is a decrease of 600,000 from 2020, but attackers are constantly updating their financial Trojans.

Cybercriminals have also shifted their focus to gaming accounts, with the first mobile Trojan known as Gamethief designed to steal credentials from the mobile version of PlayerUnknown’s Battlegrounds (PUBG).

Cyberattacks on the Rise! How to Stop Hackers - YouTube

This video discusses the growing threat of cyberattacks and offers strategies for individuals and organizations to combat hackers effectively.

Chapter 2: The Danger of Phishing Attacks

Romania has recently seen a surge in cyberattacks, often initiated through deceptive emails. The National Cyber Security Directorate has issued warnings about a new campaign targeting users via phishing messages that mimic the University of Bucharest's branding. These emails typically contain dangerous Excel attachments that jeopardize data security.

Kaspersky's annual mobile threat report highlighted that while the number of attacks on mobile users fell to 46 million in 2021, the prevalence of such malware remained steady. Additionally, the share of Trojans capable of executing remote commands increased to 8.8% in 2021.

Experts attribute the decline in mobile attacks to the increased cyber activity seen at the beginning of the pandemic, when remote work surged. During this period, there was also a rise in the use of video conferencing and entertainment applications, which broadened the range of attack opportunities.

Despite this decline, Kaspersky's experts caution against being overly relaxed. In 2021, 3.5 million malicious installation packages were identified, resulting in 46.2 million attacks worldwide, with 80% of these carried out by malware rather than adware or other risk tools.

The number of banking Trojan assaults remains concerning, with 2.367 million incidents recorded in 2021, which, although lower than the previous year, still highlights the persistent threat. Kaspersky identified over 95,000 new banking Trojan variants last year, many of which featured advanced capabilities.

For instance, the Fake calls Trojan can redirect calls from users attempting to contact their banks, replacing genuine sounds with pre-recorded answers that mislead victims into divulging sensitive information. Furthermore, Sova, a banking Trojan, can extract users' cookies, allowing access to personal accounts in mobile banking applications without requiring login credentials.

How You Get Hacked: What Attackers Use Today - YouTube

This video explores the methods and tools that cybercriminals employ to compromise personal information and offers insights into preventing such attacks.

In 2021, cybercriminals also targeted gaming account credentials, which were subsequently sold on the dark web or used to steal in-game items from users. The Gamethief Trojan was specifically designed to extract credentials from the mobile version of PUBG.

In summary, while the overall number of mobile attacks has decreased, the complexity and stealth of current cyber threats have increased significantly. Cybercriminals now often disguise malicious applications as legitimate ones available on official app stores. As mobile banking and payment applications become more common, it is vital to remain vigilant. Employing robust security measures and being cautious about downloading unfamiliar applications can significantly mitigate risks. "It's better to be safe than sorry," advises Tatyana Shishkova, a security expert at Kaspersky.