Mobile Banking Heists: The Emerging Threats and How to Respond

Share this blog

The past year has witnessed significant technological advancements in the banking and financial management which have greatly improved convenience for customers while also increasing security risks that should not be taken lightly. The financial industry has transformed mobile devices into a personal ATM for customers, offering services ranging from payments to cryptocurrencies, banking to investments. However, this digital evolution has also brought new threats in the form of mobile banking trojans, endangering customers’ financial assets and critical information.

Banking trojans are specially crafted to target mobile financial applications. The banking and financial services sector continues to experience increasingly sophisticated attacks by trojans, wreaking financial havoc across their customer base. Banks, investment firms, cryptocurrency wallets, etc. are subject to these catastrophic attacks that can result in financial loss, identity theft, reputation damage, disruption of operations and more.

Banks are kind of caught between a rock and a hard place. As you make a business easier to access for customers, at the same time you could be making it easier for robbers. – J. Branch Walton, President of the National Association for Bank Security.

Just as bank robbers like Bonnie and Clyde would hold up physical bank locations, accessing users’ finances through mobile devices has opened up opportunities for greater rewards and reduced physical risks. The malicious actors behind banking trojans are counting on mobile applications and endpoints lacking comprehensive security solutions to detect and prevent their actions. With the growing number of mobile financial applications available to users there are new targets being added daily.

Zimperium’s 2023 Banking Heists Report Zimperium zLabs research team found that 29 malware families targeted 1,800 banking apps across 61 countries just in the last year alone. 

Our 2023 Banking Heists Report provides an overview of the risks to mobile financial applications, including profiles of malware families. It highlights the unique malicious features of each mobile banking trojan, emphasizing their effectiveness as tools.

Below is a snippet of the  information we provide in report:

  • Traditional banking applications remain the prime target, with a staggering 1,103 compromised apps —accounting for 61% of the 1800 targets—while the emerging FinTech and Trading apps make up the remaining 39%.
  • Hook, Godfather, and Teabot are the top banking malware families, measured by the number of banks targeted.
  • The 19 malware families from last year’s report have evolved with new capabilities, and 10 new families have been identified as a threat in 2023.
  • New capabilities observed within banking malware this year include:
    • Automated Transfer System (ATS): A technique that facilitates unauthorized transfers of money.
    • Telephone-based Attack Delivery (TOAD): Involves a follow-up call to gain trust and download more malware.
    • Screen Sharing: Being able to remotely control a victim’s device without having physical access to it.
    • Malware-as-a-Service (MaaS): An online business model offering malware creation tools for rent or sale, facilitating easy execution of cyberattacks.

This report aims to address the mobile banking trojans targeting financial institutions daily and to support the critical work you’re already doing to secure your organization, data, and customers.

Read the full report today and watch our regional on-demand webinars to hear from our threat research team.

Avatar photo
Mobile App Security Expert. View the author's experience and accomplishments on LinkedIn.