Kazakhstan has been ranked 10th in the global rating of financial threats over the first six months of 2024. The ranking is based on the percentage of users exposed to financial cyberattacks versus the total number of users who encountered malware, according to a report by Bluescreen.kz, citing Kaspersky Lab.
Trojan malware, typically delivered through malicious links sent by scammers, was responsible for 85% of all cyberattacks in Kazakhstan’s banking sector.
Other top hazards include exploits that take advantage of software security flaws, online threats from malicious web resources like URLs and IP addresses, HackTool-type threats and Trojan-downloaders capable of installing hidden malware on various devices.
Banking malware, such as Trojan-Banker.Win32.CliptoShuffler and Trojan-Banker.Win32.ClipBanker, which account for 63% of attacks, poses the greatest threat to the financial industry. These Trojans intercept clipboard contents, search for cryptocurrency wallet addresses or credit card numbers and, if successful, replace them with their own data. Therefore, users should exercise caution when copying and pasting important financial information.
Kazakhstan has experienced a surge in cyberattacks since last year, with incidents doubling to 34,500 cases tracked by the National Computer Emergency Response Team (KZ-CERT). Computer viruses, worms and Trojans were the primary sources of damage, accounting for 65% of all incidents (22,000) last year. These were followed by botnets (4,000 incidents) and phishing (2,200 incidents). In the first four months of 2024, the situation worsened, with KZ-CERT reporting 7.5 times more phishing attacks, while incidents involving viruses, worms and Trojans quadrupled.
According to Kaspersky Lab’s assessment of Kazakhstan’s corporate cybersecurity, 31% of organizations have fallen victim to cyberattacks, with DDoS attacks (37%) and malware infections (34%) being the most common threats.
In 25% of cases, data breaches or hacks resulted from phishing emails that employees inadvertently responded to. Additionally, 20% of employees surveyed reported experiencing attacks from encryption-based ransomware.
On March 5, the State Technical Service discovered a leak of personal data belonging to two million Kazakhstani citizens – clients of the Zaimer.kz microfinance organization, which was subsequently fined $7,700.
In late July, a Telegram user named «emo» posted the full database of BreachForums, which involved 15 hackers from Kazakhstan who were responsible for the leak of user data (including IDs, hashed passwords and personal messages) of Kazakhstani residents, covering the period up to Nov. 29, 2022. One of the forum messages also claimed that «a major Kazakhstani bank had been hacked.» However, the Ministry of Information stated that the bank had been closed since 2021, so the agency could not verify the leak.