Mobile banking Trojans hit the list of cyber-headaches in Q2 2018. The number of installation packages for mobile banking – modifications which help attackers avoid detection by security solutions and to expand their arsenal – peaked at over 61,000. This represents a historic high; more than a three-fold growth when compared with Q1 2018, and over double the installations than in Q1 2017. This is just one of the main findings from Kaspersky Lab’s Q2 IT threat evolution report.
Mobile banking Trojans are one of the most infamous type of malware, as they are designed to steal money directly from mobile users’ bank accounts. This type of attack is attractive to cybercriminals from all over the world, looking for an easy profit. The malware is typically disguised as a legitimate app, to lure people into installing it. Once the banking app is launched, the Trojan displays its own interface overlaying the banking app’s interface. When the user inputs credentials, the malware steals the information.
The second quarter of 2018 experienced a massive influx of these types of Trojan at 61,045, which is a historic high in all the time that Kaspersky Lab has been observing such threats. The greatest contribution to the number was made by the creators of Trojan Hqwar, with about half of the new modifications discovered relating to this malware. Trojan Agent took second place with around 5,000 packages.
“The threat landscape in the second quarter of this year gives us lots of cause for concern regarding mobile users’ security. The overall growth in mobile malware installation packages – especially associated with banking – demonstrates that cybercriminals are constantly creating new modifications to their malicious software to make it more sophisticated and discreet for cybersecurity vendors to detect. User and the industry should be extremely cautious and vigilant in the coming months as the trend continues to grow,” notes Victor Chebyshev, security expert at Kaspersky Lab.