Mobile Banking Heists: The Emerging Threats and How to Respond

Share this blog

The landscape of modern banking and financial management has evolved with the rise of digital access to assets on a global scale. From payments to cryptocurrencies, banking to investments, the financial industry has turned the mobile phone into a personal ATM for each customer. But with this evolution and digital growth comes new threats to each customer’s financial assets and critical information with the rise of mobile banking trojans.

Banking trojans are specially crafted to target mobile financial applications. The banking and financial services sector continues to experience increasingly sophisticated attacks by trojans, wreaking financial havoc across their customer base. Banks, investment firms, cryptocurrency wallets, and more are subject to attacks by banking trojans to steal money directly from victims.

Banks are kind of caught between a rock and a hard place. As you make a business easier to access for customers, at the same time you could be making it easier for robbers. – J. Branch Walton, President of the National Association for Bank Security.

Just as bank robbers of the past would hold up physical bank locations, the prolific access to users’ finances from the mobile device has opened up opportunities for greater reward and less physical risk. The malicious actors behind banking trojans are counting on mobile applications and endpoints lacking comprehensive security solutions to detect and prevent their actions. With the number of mobile financial applications available to users growing, new targets are being added daily.

Available today, the Mobile Banking Heists: The Global Economic Threat report provides a comprehensive review of 10 prolific mobile banking trojans and over 600 targeted mobile financial applications globally. The report, produced by the Zimperium zLabs research team, covers the critical risks and threats to mobile financial applications along with profiles of each malware family. Readers will learn about the differences between each mobile banking trojan, including the unique and advanced malicious features that make each malware an effective tool.

Here are just a few sample highlights from this comprehensive report:

  • Banking trojan Teabot is targeting 410 of the 639 financial applications tracked.
  • The top 9 targeted mobile financial apps cover banks, investing, payments, and cryptocurrency with over 260,000,000 total downloads.
  • The top 3 mobile financial apps targeted by trojans focus on mobile payments and alternative asset investments, like cryptocurrency and gold. These three apps account for over 200,000,000 downloads globally.
  • Of the 639 applications covered in this report, 50 with over 285,000,000 downloads are related to investing in stocks, cryptocurrency, or portfolio management.

This report aims to address the mobile banking trojans targeting financial institutions daily and to support the critical work you’re already doing to secure your organization, data, and customers.

Get your copy today and register for our upcoming webinar Thursday, June 23rd at 11am EDT/ 4pm CET to hear the threat research team behind the report cover this and other mobile threats highlights from the first half of 2022.

Richard Melick has spent over a decade advancing through the security industry with his considerable experience and considerable focus on the stories surrounding ransomware, hacking, and cyber attacks. He has been a security speaker on five continents and has even advised royalty on how to make and distribute ransomware.