Article Details

Ten new Android banking trojans targeted 985 bank apps in 2023. This year has seen the emergence of ten new Android banking malware families, which collectively target 985 bank and fintech/trading apps from financial institutes across 61 countries. Banking trojans are malware that targets people's online bank accounts and money by stealing credentials and session cookies, bypassing 2FA protections, and sometimes even performing transactions automatically. In addition to the ten new trojans launched in 2023, 19 families from 2022 were modified to add new capabilities and increase their operational sophistication. Mobile security firm Zimperium analyzed all 29 (10 + 19) and reported that the emerging trends include: The standard features available in most of the examined trojans include keylogging, overlaying phishing pages, and stealing SMS messages. Another worrying development is that banking trojans are moving past just stealing banking credentials and money and are now also targeting social media, messaging, and personal data. New banking trojans Zimperium has examined ten new banking trojans with over 2,100 variants circulated in the wild, masquerading as special utilities, productivity apps, entertainment portals, photography tools, games, and education aids. These ten new trojans are listed below: Of the malware families that existed in 2022 and were updated for 2023, those that maintain notable activity are Teabot, Exobot, Mysterybot, Medusa, Cabossous, Anubis, and Coper. Regarding the most targeted countries, first on the list is the United States (109 targeted bank apps), followed by the United Kingdom (48 bank apps), Italy (44 apps), Australia (34), Turkey (32), France (30), Spain (29), Portugal (27), Germany (23), and Canada (17). Staying safe To protect against those threats, avoid downloading APKs from outside Google Play, Android's only official app store, and even on that platform, carefully read user reviews and perform a background check on the app's developer/publisher. During installation, pay close attention to the requested permissions, and never grant access to the 'Accessibility Services' unless you are sure about it. If an app requests to download an update from an external source upon first launch, it should be treated with suspicion and entirely avoided if possible. Finally, never tap on links embedded in SMS or email messages from unknown senders.