The Middle East's online banking users are between the most sought after targets for cybercriminals as it has emerged that Egypt, Saudi Arabia Turkey, Morocco, Iran and Kuwait were among the world's markets worst hit by a version of ZeuS, a highly specialized online banking Trojan, according to Kaspersky Lab, a leading developer of secure content management solutions.
During a five-month study completed in June 2010, Kaspersky Lab analysts tracked an online crime gang using a version of the Zeus Trojan and developed a geographic pattern of its attacks as well as a profitability evolution. The results are alarming for the Middle East region.
The worst hit market internationally was Egypt which recorded approximately 7,500 infections, the world's highest rate, with Mexico being second with more than 5,000 victims. Saudi Arabia was third with just under 5,000 infected users. Turkey was fourth in the list with each of Morocco, Iran and Kuwait also hovering near the 2,000 mark.
"One needs to put this into context in order to understand how critical is the situation becoming for the Middle East region," said David Emm, Kaspersky Lab's Senior Regional Researcher, Global Research and Analysis Team, speaking at the E-Crime Congress in Abu Dhabi yesterday.
"The same gang targeted markets such as the USA causing just about half the infections it caused in Egypt, despite having a much broader potential playing field due to America's much higher Internet penetration footprint.
"The gang's attacks worked by intercepting and then redirecting funds of the hard earned money of their unsuspecting victims, either directly from online banking accounts or by the means of stolen credit card numbers. Cybercrime is becoming very appealing because of its potential rewards and also because it is easy to do and has a lower associated risk compared to other types of crime," said Emm.
"Since the first ZeuS Trojan appeared in 2006, over 40,000 versions of this Trojan have been recorded. It is a very cost-effective and efficient means of illegally collecting banking information. Once a system is compromised, the gangs can command and control the laptop or PC, steal any relevant data stored in them and transfer it in a 'dropzone' from where it can be collected by the cybercriminal."
Prevention is the key to a safer internet experience according to Tarek Kuzbari, Managing Director, Kaspersky Lab, Middle East.
"People need to deploy enhanced online banking security measures. Users of online banking services must keep their login information private at all times. An up to date operating system, complemented with a security solution which includes an anti virus, antispyware, firewall and vulnerability scanner are essential in mitigating and successfully defending cyber attacks," he said.
"The problem in the Middle East is compounded due to low consumer awareness of the risks associated with online security and this is something cybercriminals take advantage of. Governments across the region also need to step up their online crime deterrent measures by adopting, adjusting and implementing best international practices which have proven to provide adequate defence mechanisms against cyber attacks.