The number of Trojan banker attacks on smartphones surged by 196% in 2024 compared to the previous year, according to a Kaspersky report.
Cybercriminals are shifting tactics, relying on “mass malware distribution to steal banking credentials.”
Over the past year, Kaspersky detected more than “33.3 million attacks on smartphone users globally, involving various types of malware and unwanted software.”
The number of Trojan banker attacks on Android smartphones “increased from 420,000 in 2023 to 1,242,000 in 2024.”
Trojan banker malware is designed to “steal user credentials for online banking, e-payment services and credit card systems.”
Cybercriminals trick victims into downloading Trojan bankers “by spreading links via SMS or messaging apps, as well as through malicious attachments in messengers, and by directing users to malicious webpages.”
They can even send messages from a hacked contact’s account, “making the fraud appear more trustworthy.”
To deceive users, attackers often exploit “trending news and hype topics to create a sense of urgency and lower victims’ guard.”
Anton Kivva, a security expert at Kaspersky said:
“Scammers have started to scale down their efforts to create unique malware packages, focusing instead on distributing the same files to as many victims as possible. It is more important than ever to be cyber-literate and educate your loved ones – from children to the elderly – because no one is completely safe from well-crafted scams and psychological tricks designed to steal banking data.”
Although Trojan bankers are the fastest-growing type of malware, they “rank fourth overall in terms of the share of attacked users at 6%.”
The most widespread category remains “AdWare, accounting for 57% of attacked users, followed by general Trojans (25%) and RiskTools (12%).”
The ranking “includes malware, adware and unwanted software.”
In 2024, cybercriminals launched an average of “2.8 million malware, adware, and unwanted software attacks on mobile devices each month.”
Over the year, Kaspersky products “blocked a total of 33.3 million attacks.”
In 2024, Fakemoney, a group of scam apps designed “for fake investments and payouts, was the most active threat.”
Another major concern was modified versions of WhatsApp “that contained the Triada-type Trojan – a malware that can download and execute additional malicious or adware modules, for example, to display advertisements or perform other unwanted actions.”
These unofficial WhatsApp mods ranked “third in activity, just behind a general category of cloud-based generic threats.”
As covered, Kaspersky is a global cybersecurity and digital privacy company founded in 1997.
With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly “transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.”
The company’s security portfolio “includes endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats.”
They claim to help over 200,000 corporate clients “protect what matters most to them.”