Go to:

April 2019
< Mar May >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

Russian Svpeng Trojan Threatens U.S. Mobile Banking
Thursday, June 19, 2014 6:35 AM

The question has lingered in the air since mobile phone technology allowed users to access their financial accounts from just about anywhere in the world, and hackers discovered the potential for making a quick-and-dirty buck through any weakness in that technology:  Is mobile banking safe?

About 102 million Americans use mobile banking, which means the cyber-ground is fertile for cyber-attacks. Until last week, no major security event had directly threatened mobile banking users; but Kaspersky Lab has discovered a breed of Russian malware called Svpeng, which last year was seen in the U.K. and has now arrived in the U.S.

The Svpeng Trojan looks for specific mobile banking apps on an individual's phone, then locks the phone and demands money before it will unlock it. Once the malware has made its way into the device via a social engineering campaign which uses text messages, it looks for apps from a specific set of financial institutions: USAA, Citigroup, American Express, Wells Fargo, Bank of America, TD Bank, JPMorgan Chase, BB&T, and Regions Bank. So far, no credit unions have appeared on the target list. But that could change.

Among other things, Svpeng then locks the screen of the mobile device with a fake FBI penalty notification letter and demands $200 in the form of Green Dot MoneyPak cards, and displays a photo of the user taken by the phone's front camera.

Currently, the malware does not steal mobile or online banking credentials; but experts at Kaspersky Lab say that is only a matter of time. At that point, it may gather mobile banking app credentials and have a path to steal money from user's accounts.

Kaspersky experts say it's impossible to repel an attack and that consumers who fall victim to Svpeng can do almost nothing. They recommend financial institutions monitor consumer transactions for signs of account takeover activity and then take action to prohibit criminals from accessing or raiding accounts. Financial institutions also need to educate consumers about the threat and work toward putting the proper mobile security in place.