Banking apps for the Android ecosystem have over a billion downloads, and according to a new report from mobile security platform Zimperium, all are exposed to dangerous Trojans.
The company analyzed more than 600 financial applications and 10 prolific families of banking Trojans targeting these applications and concluded that the most attacked mobile banking application is the Spanish one “BBVA España | Online Banking” that has more than 10 million downloads.
Apparently, out of the 10 most prolific Trojan horse malware (opens in a new tab), six target this app.
Mobile banking and cryptocurrencies
In the United States, it targets 121 financial apps, with more than 280 million downloads between them. The UK and Italy are the next most targeted countries, it said, with 55 and 43 apps targeted respectively.
The report also revealed that fraudsters are not very interested in "traditional" banking apps, preferring more modern technological solutions. That said, apps that focus on mobile payments or cryptocurrencies are extremely popular. In fact, all three of the main mobile financial apps targeted by this type of malware manage alternative assets.
Teapot is the most active banking Trojan of all, used against 410 applications out of 600 analysed, while ExobotCompact.D, also known as Octo, was the oldest, having been discovered there five years ago.
"Not all Trojans targeting mobile and banking apps are the same: they are distributed differently, use different exploitation techniques, and vary in other degrees of scope and sophistication," said Nico Chiaraviglio, vice president of security research at Zimperium. “We have seen ad hoc reports of various banking Trojans in recent years, and anecdotally, people may have recognized that they are increasing in scope and frequency.”
Protecting your digital devices, with malware protection and firewall solutions (opens in a new tab), has never been more important.