Cybercriminals stole billions last year

Leading international software security group Kaspersky in its recent reports on worldwide cyber crime has placed Bangladesh in the world's number one position in both mobile malware attacks and offline attacks and 19th position on online attack target.

This means the country's mobile phone users and offline computer users are among the world's most vulnerable ones. Hackers can steal individuals' banking and other personal information from their infected devices and use it for criminal purpose.

Off line infections are spread by removable media connected to the computers, such as flash drives, memory cards, telephones, external hard drives and network drives.

Bangladesh had a rude awakening to the criminal power of hackers with the recently revealed reports on how Chinese hackers stole $100 million from Bangladesh Bank's account in the New York Federal Reserve Bank. The hackers had also attempted to siphon off nearly $1 billion—which was foiled when an American bank recalled the transfer order.

In February last year, Kaspersky was quoted by Reuters that a multinational gang of cyber criminals has stolen $1 billion from 100 financial institutions around the world in about two years. The global scale crime hit banks in Japan, China, the United States, and throughout Europe.

Kaspersky's annual report published in December 2015 reveals some alarming information about cybercrime around the world including Bangladesh. Their information is based on users having Kaspersky Lab's products.

About 22 percent of mobile users in Bangladesh were attacked by mobile malware—which is the highest in the world. Bangladesh is followed by China, Nigeria, Tanzania and Iran.

It says that one third of the computers in the world were subjected to at least one web attack last year. To carry out the attacks, the criminals used 6.5 million unique hosts.

Kaspersky also noted that it registered about two million notifications about attempted “malware” infections (malicious software) that aimed to steal money via online access to bank accounts.

It also noted that Ransomware (malicious software that locks down a person's computer and offers to unlock the computer for large amount of money) were detected on 0.7 million computers.

Just yesterday, Sydney Morning herald reported that Millions of customers of Australia's largest banks are the target of a sophisticated Android attack which steals banking details and thwarts two-factor authentication security.

Commonwealth Bank, Westpac, National Australia Bank and ANZ Bank customers are all at risk from the malware which hides on infected devices waiting until users open legitimate banking apps. The malware then superimposes a fake login screen in order to capture usernames and passwords.

The malware is designed to mimic 20 mobile banking apps from Australia, New Zealand and Turkey, as well as login screens for PayPal, eBay, Skype, WhatsApp and several Google services.

Meanwhile Kaspersky reported that there are malicious software distributed in both mobile phones and personal computers which work in partnership of both devices.

“When a user visits his online banking account, the Trojan modifies the page, asking him to download an Android application which is allegedly required to securely confirm the transaction. In fact, the link leads to the Faketoken application. Once Faketoken is on the user's smart phone, the cybercriminals gain access to the user's banking account via the computer infected with the banking Trojan and the compromised mobile device allows them to intercept the onetime confirmation code (mTAN),” Kaspersky explains.

Whereas 38 percent internet computer users in Russia face the risk of online infection—where the worst scenario prevails, Bangladeshi users are not that safe. Ranked 19th, 23 percent users in Bangladesh remain vulnerable online.

Besides, Bangladesh is also at the top of “local” computer infection with 64 percent users having their computers infected.