A security firm analyzed the impact of commonly-spread financial trojans throughout 2014, and found that the number of detections decreased by 53 percent, though the U.S. remained the top country in infections.
Symantec's report called, “The State of Financial Trojans 2014,”(PDF) was published Tuesday, and examined nine of the “most common and sophisticated financial trojans,” which, in all, targeted 1,467 financial institutions in 86 countries, the report said.
In addition to the number of infections dipping between 2013 and 2014 (by 53 percent), traditional phishing email rates also dropped by 74 percent last year, Symantec found.
Researchers attributed the decline to a number of factors, including major takedown efforts last summer by law enforcement and private sector companies which disrupted the command-and-control operations for Gameover Zeus and Shylock malware. Security solutions capable of thwarting malware attacks via exploit kits, such as browser protection and URL reputation technology, may have also whittled down infection rates, the report explained.
Symantec noted, however, that malware families highlighted in the report remained a prevalent threat to organizations – particularly those in the U.S.
“When looking at the top ten regions with the highest financial trojan detection rates, the US remained at the top spot between 2013 and 2014,” the report said. “The UK came in second in 2014, moving up from third in 2013.”
Japan, which was the second highest region for financial trojan detections in 2013, was bumped to fourth place in infections last year.
In the U.S., Symantec detected nearly one million computers compromised with commonplace financial trojans in 2014. In comparison, the UK, which held the second highest incidence of infections, had less than 400,000 computers compromised with such malware.
Symantec's breakdown of the most detected malware pegged Zbot (or Zeus), as the financial trojan impacting the most users. Zeus was detected on four million compromised computers worldwide in 2014, while, Dyranges, an infostealer, was detected on 90,000 endpoints. The other prevalent malware families analyzed were Cridex, Snifula, Bebloh, Shylock, Spyeye, Mebroot and Carberp.
“With the exception of the Infostealer.Dyranges, all of the most prevalent banking threats were from previously known malware families,” the report said. “Dyranges, on the other hand, first appeared in June 2014 and its use has skyrocketed since.”