SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Mobile banking malware threat surges globally, says Zimperium report
Wed, 20th Dec 2023

Zimperium, an expert in mobile security, has revealed the findings of its annual Mobile Banking Heist report. The report documents the evolving threat landscape and growing success of mobile banking trojans across the world.

In 2023, 29 malware families targeted a total of 1,800 banking apps across 61 countries, a significant increase compared to the previous year when 10 malware families targeted 600 banking apps.

Banking trojans are becoming ever more successful due to their ability to endure, bypass security, and evade detection on mobile devices. With ever-increasing investment by financially motivated threat actors, traditional security measures are struggling to keep pace.

U.S. banking institutions remained the most targeted, with 109 banks becoming victims of malware. The United Kingdom followed suit with 48 targeted banking institutions while Italy had 44 targeted banks. The report also notes an evolution of these trojans, with malware now also attacking cryptocurrency, social media, and messaging apps.

"Mobile banking security is currently in a high-stakes scenario, with numerous threat actors posing substantial risks," said Nico Chiaraviglio, Chief Scientist of Zimperium.

"This report shows the sophistication, adaptability, and scalability of banking trojans and their widespread impact on mobile applications globally. Banking and financial organisations need to employ comprehensive, real-time, on-device mobile security to combat these intelligent adversaries as they are finding ways to bypass traditional defences."

The report goes on to reveal that traditional banking applications remain the prime targets, with a staggering 1,103 compromised apps, accounting for 61% of the 1,800 targets.

Emerging FinTech and trading apps make up the remaining 39%. The top banking malware families by banks targeted are Hook, Godfather, and Teabot. The report highlights emergent capabilities of banking malware, including unauthorised money transfers, "telephone-based attack delivery", remote control of a victim's device, and Malware-as-a-service.

Based on their ongoing monitoring of millions of devices, Zimperium's data paints an alarming picture of just how widespread, global, and successful mobile banking malware can be.

Jon Paterson, Chief Technology Officer at Zimperium stated that "cybercriminals continue to target traditional banking apps and FinTech & Trading apps because of widespread use of dated app security techniques that are falling short". He further emphasised the importance of a comprehensive mobile-first security strategy for combating these trojans.

The report also outlines some of the strategies that can help combat these rising threats, such as ensuring protection matches threat sophistication, implementing visibility during runtime for comprehensive threat monitoring and modelling, as well as implementing on-device protection mechanisms for immediate action upon threat detection.

Zimperium concludes by highlighting just how essential a proactive and adaptive security stance is now necessary, given the evolving nature of banking malware.