Banking Trojans Dominate the Mobile Malware Threat Landscape

Significant banking trojan spotted

• According to the research published by Kaspersky, 97,661 new mobile banking trojans variants were detected in 2021, alongside 17,327 new mobile ransomware trojans and over 3 million malicious installation packages.
• The banking trojans that were responsible for most detected attacks over 2021 included Trojan-Banker.AndroidOS.Agent, Trojan-Banker.AndroidOS.Anubis, and Trojan-Banker.AndroidOS.Svpeng.
• Researchers highlighted that the newly found trojans had acquired new capabilities that ranged from accessing the user’s current session to dropping outgoing calls to recording the targeted smartphone screen.
• Most of these attacks leveraging mobile banking trojans targeted users in Japan, Spain, Turkey, France, Australia, Germany, Norway, Italy, Croatia, and Austria. 
• Another interesting find in 2021 was the first Gamethief-type mobile trojan that stole account credentials from the mobile version of PUBG. 

What’s the latest trend?

• Since the beginning of 2022, there have been multiple reports about the discovery of new mobile banking trojans.
• One such example is the recently found Xenomorph malware that has infected over 50,000 Android devices. The malware was distributed via Google Play Store in the form of fake performance-boosting apps. 
• The trojan’s capabilities include stealing banking details, taking control of accounts, and initiating unauthorized transactions. 
• Besides this, three new versions of the BRATA banking trojan, which include data wiping capabilities and various obfuscation techniques among others, were also found targeting banking apps across Italy, Latin America, Poland, and the U.K. 
• Two other powerful trojans - Medusa and FluBot - that shared common infection tactics and delivery infrastructure were also uncovered targeting users worldwide, especially in Europe. 

Stay safe