Researchers have found nearly 100,000 new variants of mobile banking Trojans in just one year.
As our digital lives have started to focus more on handsets rather than desktops, many malware developers have shifted some of their focus towards creating mobile threats.
Many traditional infection routes are still available – including phishing and downloading and running suspicious software – but cyber attackers have also been known to infiltrate official app stores, including Google Play, to trick owners into of handsets to download software that seem trustworthy. .
This technique is often associated with the distribution of Remote Access Trojans (RATs). Although Google maintains security barriers to prevent the hosting of malicious applications in its store, there are methods to circumvent these controls discreetly.
In 2021, for example, Malwarebytes found an app on Google Play disguised as a useful barcode scanner with over 10 million active installs. Although the app was submitted as legitimate software, an update was released for the software after accumulating a huge user base, turning the app into an aggressive adware nuisance.
The same tactic can be used to turn seemingly benign apps into banking Trojans designed to steal your financial data and account credentials from online services. In the mobile world, theft can occur by redirecting users to phishing pages or by performing overlay attacks, in which a phishing window overlays the display of a banking application. Trojans can also discreetly sign up their victims for premium phone services.
Recent examples of Trojans ending up on Google Play include Joker and Facestealer.
According to a new study published by Kaspersky, 97,661 new variants of mobile banking Trojans were detected in 2021, alongside 17,372 new mobile ransomware Trojans and a total of 3,464,756 malicious installer packages, .APK that can be installed on jailbroken devices or those that accept apps from strangers. developers.
The banking Trojans responsible for the most detected attacks in 2021 were Trojan-Banker.AndroidOS.Agent, Trojan-Banker.AndroidOS.Anubis and Trojan-Banker.AndroidOS.Svpeng.
Residents of Japan, Spain, Turkey, France, Australia, Germany, Norway, Italy, Croatia, and Austria are most commonly targeted by mobile banking Trojans.
Kaspersky claims that after a sharp increase in the number of detected attacks in 2020, rates of banking Trojans are now falling.
Cybersecurity researchers added that there is a “downward” trend in mobile attacks in general, but “attacks are becoming more sophisticated in terms of functionality and malware vectors.”
Do you have any advice? Get in touch securely via WhatsApp | Signal at +447713 025 499, or more at Keybase: charlie0