April 10, 2020, Kathmandu, Nepal
Doing everything online might be the easiest and efficient way of life, but it surely is not the safest. With the increasing number of cybercrimes, there are significant concerns on what we do online. Due to lockdown, there is an emergence in the number of people using digital payments. But this has also led to a rise in criminal groups targeting online payment systems.
Attack on Payment Processing System
Researchers from global cybersecurity and anti-virus brand Kaspersky have warned us about the possible increase in cybercrime related to online payment processing systems in 2020. According to them, JS-skimming has gained immense popularity among attackers. JS-skimming is a kind of cybercrime where payment card data from online stores is stolen.
Kaspersky researchers said they are currently aware of at least ten different actors involved in JS-skimming. They predicted it to increase in 2020. Companies that provide services such as e-commerce as-a-service are at more risk.
Yuriy Namestnikov, Security Researcher at Kaspersky, said cybercriminals are shifting their focus onto data that helps to bypass anti-fraud systems in their attacks. Namestnikov added, “Behavioural and biometrics data is on sale on the underground market. Additionally, we expected JS-skimmer base attacks to increase, and they did. With 2020 on the horizon, we recommend security teams in potentially affected areas of the finance industry to gear up for new challenges.”
Attack on Mobile Investment Apps
With the increasing popularity of mobile investment apps, they are also more likely to be attacked by these criminals. Some of these apps are weak in their security and protection of the app connection. These loopholes can make them more vulnerable to hackers.
Kaspersky’s research suggests that the source code of some popular mobile banking Trojans was leaked into the public domain. Due to similar cases of malware source code leakage, there was an increased number of new variations of these Trojans. According to the research, it is most likely to repeat this year.
They also expect an increase in the activity of groups specialized in the criminal-to-criminal sale of network access to banks. These types of cases will increase in the African and Asian regions, as well as in Eastern Europe.
Their prime targets are small banks, as well as financial organizations recently. They are rebuilding their cybersecurity system following the standards of their parent companies, which makes them easy targets of these groups.
It is also highly expected that the same types of banks may become victims of ransomware virus attacks. It is because the banks are among those organizations that are more likely to pay a ransom than accept the loss of data.