Mobile Banking Heists: The Emerging Threats and How to Respond

Over the past year, the banking and financial management landscape has witnessed remarkable technological advancements, significantly enhancing customer convenience while introducing heightened security risks. The evolution of mobile devices into personal ATMs has revolutionized financial services, offering a wide array of functionalities from payments to cryptocurrency transactions. However, alongside these advancements, the rise of mobile banking trojans poses a substantial threat to customers’ financial assets and sensitive information.

Banking trojans, meticulously designed to target mobile financial applications, continue to pose a significant challenge to the banking and financial services sector. These sophisticated attacks wreak financial havoc across customer bases, leading to potential financial loss, identity theft, reputational damage, and operational disruptions. Much like historical bank robberies perpetrated by figures like Bonnie and Clyde, the exploitation of mobile devices for illicit financial gain offers malicious actors significant rewards with reduced physical risks.

Zimperium’s 2023 Banking Heists Report, compiled by our zLabs research team, sheds light on the alarming landscape of mobile banking trojans. The report reveals that 29 malware families targeted a staggering 1,800 banking apps across 61 countries in the past year alone.

Traditional banking applications remain the primary target, comprising 61% of the 1,800 compromised apps, while emerging FinTech and Trading apps constitute the remaining 39%.

Top banking malware families, such as Hook, Godfather, and Teabot, target a significant number of financial institutions.

The evolution of 19 malware families from the previous year’s report, alongside the emergence of 10 new families, underscores the evolving threat landscape.

New capabilities observed within banking malware, including Automated Transfer System (ATS), Telephone-based Attack Delivery (TOAD), Screen Sharing, and Malware-as-a-Service (MaaS), highlight the increasing sophistication of malicious tactics.

The report serves as a comprehensive resource to help organizations understand and combat the threat posed by mobile banking trojans. By providing detailed insights into the unique characteristics and capabilities of various malware families, we aim to support organizations in their efforts to secure their infrastructure, data, and customers.