Ten of the most prolific mobile banking Trojans have set their sights on 639 financial apps that are available on the Google Play Store and have been downloaded over 1.01 billion times.
Some of the most targeted apps include PhonePe, Binance, Cash App, Garanti BBVA Mobile, La Banque Postale, Ma Banque, Caf – Mon Compte, Postepay and Walmart-backed BBVA México. These apps alone account for more than 260 million downloads from the official app market.
Of the 639 apps tracked, 121 are based in the US, followed by the UK (55), Italy (43), Turkey (34), Australia (33), France (31), Spain (29) and Portugal (27).
“TeaBot targets 410 of 639 tracked apps,” mobile security firm Zimperium said in a new analysis of Android threats in the first half of 2022. “Octo targets 324 of 639 tracked apps and is the only one to target popular, non-financial applications for credential theft.”
Besides TeaBot (Anatsa) and Octo (Exobot), other prominent banking Trojans include BianLian, Coper, EventBot, FluBot (Cabassous), Medusa, SharkBot, and Xenomorph.
FluBot is also considered an aggressive variant of Cabassous, and its distribution channel has also been used to serve Medusa, another mobile banking trojan that can gain almost complete control over a user’s device. Last week, Europol announced the dismantling of the infrastructure behind FluBot.
These malicious remote access tools hide behind the cloak of benign-looking apps and are designed to target mobile financial apps, with the aim of committing on-device fraud and siphoning funds directly from the victim’s accounts.
Additionally, the rogue apps can evade detection, often by hiding their home screen icons, and are known to log keystrokes, capture clipboard data and abuse accessibility service permissions to further their goals, such as stealing credentials.
This involves the use of overlay attacks, in which a victim is shown a fake banking login page that displays on top of a legitimate financial app and can be used to steal the credentials entered.
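As an added illustration (not part of Zimperium's analysis or the original article), the sketch below shows how a defender might triage a decoded `AndroidManifest.xml` for the traits described above: an accessibility service, permission to draw over other apps, and no declared home screen icon. The sample manifests, package names and the `needs_review` rule are constructed assumptions; legitimate apps also use these features, so a hit is a prompt for analysis rather than a verdict.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
A11Y_BIND = "android.permission.BIND_ACCESSIBILITY_SERVICE"
OVERLAY = "android.permission.SYSTEM_ALERT_WINDOW"
LAUNCHER = "android.intent.category.LAUNCHER"

def triage_manifest(xml_text):
    """List the traits from the article that a decoded manifest declares."""
    root = ET.fromstring(xml_text.strip())
    findings = []
    # Permission to draw over other apps, one way to show a fake login page.
    perms = {p.get(NS + "name") for p in root.iter("uses-permission")}
    if OVERLAY in perms:
        findings.append("overlay-permission")
    # A service guarded by BIND_ACCESSIBILITY_SERVICE is an accessibility service.
    if any(s.get(NS + "permission") == A11Y_BIND for s in root.iter("service")):
        findings.append("accessibility-service")
    # No launcher activity means no home screen icon is declared. Icons hidden
    # at runtime are not visible in the manifest, so this check is partial.
    launchers = [c for tag in ("activity", "activity-alias")
                 for a in root.iter(tag) for c in a.iter("category")
                 if c.get(NS + "name") == LAUNCHER]
    if not launchers:
        findings.append("no-launcher-icon")
    return findings

def needs_review(findings):
    # Assumed rule: accessibility plus either other trait warrants analyst review.
    return "accessibility-service" in findings and len(findings) >= 2

# Constructed sample manifests (hypothetical package names).
SUSPICIOUS = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.scanner">
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <application>
    <service android:name=".Helper" android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
  </application>
</manifest>"""
BENIGN = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.notes">
  <application>
    <activity android:name=".Main"><intent-filter>
      <action android:name="android.intent.action.MAIN"/>
      <category android:name="android.intent.category.LAUNCHER"/>
    </intent-filter></activity>
  </application>
</manifest>"""

if __name__ == "__main__":
    for name, doc in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        found = triage_manifest(doc)
        print(name, found, "review" if needs_review(found) else "ok")
```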
The consequences of such attacks can range from data theft and financial fraud to regulatory fines and loss of customer trust.
“Over the past decade, the financial industry has gone completely mobile for its banking and payment services and stock market trading,” the researchers said. “While this transition brings increased convenience and new options to consumers, it also introduces new fraud risks.”