In a concerning revelation, a recent report highlights a significant increase in mobile banking trojans globally. The report has been published by a leading Mobile security firm Zimperium that analysed cyber attacks and trojans targeting banking institutions. The findings of the report show that 29 malware families have actively targeted a staggering 1,800 banking applications across 61 countries over the past year. This shows how cyber threats are increasing in the mobile banking landscape.
The report confirms a significant increase in banking trojans as compared to the previous year. Ten new trojans were launched in 2023 and 19 families of malware from 2022 were also modified to get new capabilities. Now trojans are more advanced. They can bypass security measures and go undetected on mobile devices.
One significant trend is the integration of an Automated Transfer System (ATS) into trojans. This sophisticated addition enables the capture of Multi-Factor Authentication (MFA) tokens, initiation of transactions, and seamless facilitation of fund transfers. Cybercriminals have adapted social engineering tactics to target victims.
Furthermore, trojans have evolved to include live screen-sharing capabilities, allowing threat actors to directly interact with infected devices remotely. This advancement in functionality poses an increased threat to user privacy and system security. Notably, some trojans are now being offered as part of a subscription package to fellow cybercriminals, with prices ranging from $3,000 to $7,000 per month. This “Malware-as-a-Service” (MaaS) model signifies a shift in the cybercriminal landscape
Across the examined trojans, keylogging, overlaying phishing pages, and the theft of SMS messages were common features. These capabilities remain integral to the trojan toolkit, underscoring the versatility and adaptability of these malicious entities.
United States banking institutions topped the list as the most targeted by financially motivated threat actors. A total of 109 banks faced cyber attacks in 2023. The United Kingdom (48 banking institutions) and Italy (44) followed as the next most targeted countries. It is worth noting that Trojans are extending their reach beyond simple banking apps. Now cybercriminals are also targeting cryptocurrency, FinTech, Tracking, social media, and messaging applications.
Traditional banking applications remain the primary focus, accounting for 61% of the 1,800 targeted apps. However, emerging FinTech and Trading apps make up the remaining 39%. The report identifies the top banking malware families, including Hook, Godfather, and Teabot, based on the number of banks targeted.
With more and more mobile banking malware appearing, it’s important to be proactive about security. Here are some tips: be careful when downloading apps, pay attention to the permissions they ask for, be cautious about updates from outside sources, and avoid clicking on unknown links.
As the online world changes, it is important to recognize and deal with the dangers of mobile banking trojans. This detailed report encourages both individuals and businesses to take action to protect their mobile devices. This helps keep personal and financial information safe from the increasing threat of cyber attacks. Stay aware, stay safe.
Read: How to stay safe while using online dating apps
Related Posts
