Banking apps targeted by multiple malware families
New research from mobile security platform Zimperium has uncovered 29 malware families targeting 1,800 banking applications across 61 countries in the last year.
US banking institutions remain by far the most targeted by financially motivated threat actors. There were 109 US banks targeted by banking malware in 2023, compared to the next most targeted countries which were the UK (48) and Italy (44). The report also noted that trojans are evolving beyond simple banking apps to target cryptocurrency, social media, and messaging apps.
"Mobile banking security is currently in a high-stakes scenario, with numerous threat actors posing substantial risks. This report shows the sophistication, adaptability, and scalability of banking trojans and their widespread impact on mobile applications across the globe," says Nico Chiaraviglio, chief scientist of Zimperium. "We are seeing that they are finding ways to bypass traditional defenses, which is why it is critical that banking and financial organizations employ comprehensive, real-time, on-device mobile security to combat these intelligent adversaries."
Traditional banking applications remain the prime target, with a staggering 1,103 compromised apps -- accounting for 61 percent of the 1800 targets -- while emerging FinTech and trading apps make up the remaining 39 percent.
The research also finds that 19 malware families from last year's report have evolved with new capabilities, while 10 new families have been identified as a threat in 2023.
New capabilities observed within banking malware this year include; Automated Transfer System (ATS), a technique that facilitates unauthorized transfers of money; Telephone-based Attack Delivery (TOAD), which Involves a follow-up call to gain trust and download more malware; and screen sharing to remotely control a victim's device without having physical access to it.
There's also been an increase in Malware-as-a-Service (MaaS) offering malware creation tools for rent or sale, facilitating easy execution of cyberattacks.
The full report is available from the Zimperium site.
Photo credit: Oleksiy Mark / Shutterstock