Zimperium: Banking Trojans “increasing in scope and frequency”

Mobile security firm Zimperium has warned that financial service providers are experiencing a surge in Trojan horse malware attacks.

The company’s latest report titled ‘Mobile Banking Heists: The Global Economic Threat’ has identified the degree to which 10 individual banking Trojans are targeting over 600 financial apps with one billion downloads globally.

“Not every trojan targeting mobile and banking apps is created equal – they’re disseminated differently, use different exploitation techniques, and vary in other degrees of reach and sophistication,” commented Nico Chiaraviglio, VP of Security Research at Zimperium.

All the malwares highlighted by the security firm have been discovered relatively recently. The Trojan known as both ‘ExobotCompact.D’ and ‘Octo’ is the oldest one in the report, having been first noticed in 2017. Second in line is the ‘Android BianLian Botnet’, identified in 2018 and still very much alive today. The rest of the eight banking Trojans have all been first detected since 2020.

“We’ve seen ad hoc reports of different banking trojans over the past few years, and anecdotally, people may have recognized that they’re increasing in scope and frequency,” Chiaraviglio added. “But until now, no one has taken a step back to analyse and understand the big picture. That’s exactly what our Zimperium zLabs mobile threat research team has done.”

Among its findings, Zimperium revealed that the most targeted mobile banking app is ‘BBVA Spain | Online Banking’, with six out of the 10 Trojans reportedly attempting to breach it.

Furthermore, the most prolific Trojan malware has been identified to be ‘Teabot’, having participated in attacks towards 410 of all listed applications.

The topmost targeted mobile finance applications focus on mobile payments and asset investments such as crypto and gold. And the country suffering from most attacks is the US, followed by the UK and Italy