Banking apps for the Android ecosystem have over a billion downloads between them, and according to a new report from mobile security platform Zimperium, they are all at risk from dangerous Trojans.
The company analyzed over 600 financial apps and 10 prolific families of banking trojans targeting these apps, finding that the most targeted mobile banking app is the Spanish “BBVA Spain | Online Banking” which has over 10 million downloads.
Apparently of the 10 most prolific trojan malware (opens in new tab) out there, six are targeting this app.
Mobile banking and crypto
In the United States, 121 financial apps, with more than 280 million downloads between them, are being targeted. The UK and Italy are the next most targeted countries, it was said, with 55 and 43 targeted apps respectively.
The report also found that crooks are not as interested in “traditional” banking apps as they prefer more modern technological solutions. That said, apps that focus on mobile payments, or cryptocurrencies, are extremely popular. In fact, the top three mobile financial apps targeted by this type of malware manage alternative assets.
Teapot is the most active banking trojan of all, used against 410 apps out of 600 analyzed, while ExobotCompact.D, also known as Octo, was the oldest as it was originally discovered five years ago.
“Not all trojans targeting mobile and banking apps are created the same – they are spread differently, use different exploitation techniques and vary in different degrees of reach and sophistication,” said Nico Chiaraviglio, vice president of research at security from Zimperium. “We have seen ad hoc reports of different banking trojans over the last few years and interestingly, people may have recognized that they are increasing in scope and frequency.”
Securing your digital devices with malware and firewall protection (opens in new tab) solutions, has never been more important.