Mobile banking has become an integral part of our daily lives. The ability to manage finances through a smartphone or tablet offers convenience and flexibility that was previously unavailable. This explains the growing popularity of mobile banking in all states.
Study: Malware has more than doubled in number
However, the growing popularity of mobile banking has also caused a noticeable spike in financial fraud. According to a study conducted by Zimperium, 29 malware families were reported last year, targeting 1,800 banking apps in 61 countries. This means the amount of malware targeting mobile banking more than doubled in a year.
Compared to the 2022 data, which found only 10 malware families targeting 600 banking apps, the increase in attacks is remarkable. This shows that cybercriminals are actively adapting and increasing their efforts to illegally gain access to mobile banking users’ financial data.
What the New Malware Can Do?
The move to mobile banking offers new opportunities and convenience, but it also poses a threat to the security of our financial accounts. Malware can infect our devices and become a tool for identity theft, including passwords, credit card numbers, and other sensitive information.
According to the latest Mobile App Security Report, traditional banking apps are still a prime target for cyberattacks. Interestingly, out of the 1,800 compromised apps, 61% are banking apps, while new FinTech and trading apps make up only 39%.
Meanwhile, casino apps, which are traditionally associated with information theft, take up a very small percentage. So the next time you see a tempting casino for Canadian dollars on www.topcadcasinos.net, you can safely download the app, as it is unlikely to be infected with viruses.
Some of the most popular banking malware families that are of most concern include Hook, Godfather, and Teabot. These families of programs are the most active and effective in attacking banks. What’s interesting is that in the 2022 report, 19 of the existing malware families gained new capabilities, and as early as 2023, 10 new threat families were discovered.
One interesting new capability that the new banking malware families have acquired is the Automated Transfer System (ATS). This method makes it easier to make unauthorized transfers of money. This means that attackers can gain access to people’s bank accounts more easily and quickly.
Another interesting new feature is delivery over-the-phone (TOAD) attacks. The essence of this method is to first call the victim’s phone to gain their trust and then download more malware. This method is based on psychological manipulation and aims to trick users and gain access to their sensitive data.
Also worth noting is the screen-sharing feature. This feature allows attackers to remotely control the victim’s device, even without physically accessing it. This gives them complete control over the device and the ability to access any sensitive data that may be stored on it.
Interestingly, with the advancement of the internet and technology, cybercriminals have started using online business models that offer malware-as-a-service (MaaS).
This means that they offer tools to create and distribute malware for rent or sale. This business model makes the execution of cyberattacks much easier and more accessible to a wide audience, which increases the number of threats.
The findings highlight the dynamic and expanding mobile threat landscape. To tackle the threats, a comprehensive, autonomous, and continuously updated mobile security strategy is required.
Key recommendations include installing apps only from official and trusted sources, such as the App Store or Google Play, and regularly updating devices and apps to the latest versions. In addition, you should use strong and unique passwords to access banking apps and activate additional security systems, such as two-factor authentication.
