The Top 10 Banking Trojans target hundreds of financial apps with over a billion users. Ten of the most prolific mobile banking trojans have targeted 639 financial apps accessible on the Google Play Store, which have been downloaded over 1.01 billion times in total.

Walmart-backed PhonePe, Binance, Cash App, Garanti BBVA Mobile, La Banque Postale, Ma Banque, Caf – Mon Compte, Postepay, and BBVA México are among the most targeted apps. These apps alone have received over 260 million downloads from the official app store.

The United States has 121 of the 639 apps tracked, followed by the United Kingdom (55), Italy (43), Turkey (34), Australia (33), France (31), Spain (29), and Portugal (27).

“TeaBot is targeting 410 of the 639 applications tracked,” stated mobile security firm Zimperium in a new report of Android threats in the first half of 2022. “Octo targets 324 of the 639 applications tracked for credential theft and is the only one targeting popular, non-financial applications.”

Other notable banking trojans include BianLian, Coper, EventBot, FluBot (Cabassous), Medusa, SharkBot, and Xenomorph, in addition to TeaBot (Anatsa) and Octo (Exobot).

FluBot is also thought to be an aggressive Cabassous variation, not to mention known for tying its distribution wagon to Medusa, another mobile banking trojan capable of gaining near-complete control of a user’s device. Europol said last week that the infrastructure underpinning FluBot would be decommissioned.

While disguised as benign-looking apps, these malicious remote access tools are meant to target mobile financial applications in an attempt to commit on-device fraud and steal funds directly from the victim’s accounts.

Furthermore, the rogue apps have the capacity to avoid detection by frequently hiding their icons from the home screen, and they are known to collect keystrokes, capture clipboard data, and misuse accessibility services rights to accomplish their objectives such as credential theft.

Overlay assaults are used to direct a victim to a phony banking login page that appears atop authentic financial apps and can be used to steal the credentials entered.

Such attacks can result in everything from data theft and financial fraud to regulatory fines and a loss of customer trust.

“Over the last decade, the financial industry has totally shifted to mobile for banking, payments, and stock trading,” the researchers wrote. “While this change provides consumers with enhanced convenience and more options, it also raises unique fraud concerns.”

Have you enjoyed reading this article? To read more exclusive material from THN, follow us on Facebook. The Top 10 Banking Trojans target hundreds of financial apps with over a billion users.


Leave A Reply