Banking malware threats continue to pose serious threats in the cyber world as Kaspersky reveals new details from 2021. While there was a downward trend in the overall mobile malware attack last year, the researchers also mentioned the discovery of almost 100,000 new variants of mobile banking trojans in just a year.

Many of these malware strains relied on official app stores such as Google Play Store to lure users into downloading software that appeared to be trustworthy.

Significant banking trojan spotted

  • According to the research published by Kaspersky, 97,661 new mobile banking trojans variants were detected in 2021, alongside 17,327 new mobile ransomware trojans and over 3 million malicious installation packages.
  • The banking trojans that were responsible for most detected attacks over 2021 included Trojan-Banker.AndroidOS.Agent, Trojan-Banker.AndroidOS.Anubis, and Trojan-Banker.AndroidOS.Svpeng.
  • Researchers highlighted that the newly found trojans had acquired new capabilities that ranged from accessing the user’s current session to dropping outgoing calls to recording the targeted smartphone screen.
  • Most of these attacks leveraging mobile banking trojans targeted users in Japan, Spain, Turkey, France, Australia, Germany, Norway, Italy, Croatia, and Austria. 
  • Another interesting find in 2021 was the first Gamethief-type mobile trojan that stole account credentials from the mobile version of PUBG. 
 

What’s the latest trend?

  • Since the beginning of 2022, there have been multiple reports about the discovery of new mobile banking trojans.
  • One such example is the recently found Xenomorph malware that has infected over 50,000 Android devices. The malware was distributed via Google Play Store in the form of fake performance-boosting apps. 
  • The trojan’s capabilities include stealing banking details, taking control of accounts, and initiating unauthorized transactions. 
  • Besides this, three new versions of the BRATA banking trojan, which include data wiping capabilities and various obfuscation techniques among others, were also found targeting banking apps across Italy, Latin America, Poland, and the U.K. 
  • Two other powerful trojans - Medusa and FluBot - that shared common infection tactics and delivery infrastructure were also uncovered targeting users worldwide, especially in Europe. 

Stay safe

In order to avoid falling victims to such attacks, users are recommended to stay away from applications that seem too good to be true. It is also advisable to check the reviews as it can also help avoid such malicious apps.     

Cyware Publisher

Publisher

Cyware