The Growing Risks of On-Device Fraud


The picture is painfully clear: organizations are not seeing a slowdown in financial fraud targeting mobile devices. Mastercard recently shared that their data shows a trend of $41 billion in fraud-related loss in 2022, growing to $48 billion by 2023. Juniper Research puts the number at $91 billion by 2028 and growing. With some estimates indicating that up to 70% of all fraud transactions target the mobile endpoint, the risk to mobile devices and their users has never been higher.

A recent blog post by Cleafy brought to light an increasing trend in On-Device Fraud (ODF), focusing on a specific campaign dubbed Copybara. This malware was first detected in 2021 and is evolving from Brata. The campaign primarily targets online banking customers through sophisticated social engineering and malware tactics, affecting users across the UK, Spain, and Italy.

The zLabs team has been closely monitoring the evolution of such threats. After reviewing the blog's findings, our research team conducted an independent analysis and confirmed zero-day coverage for the sample reported in the original investigation, meaning that Zimperium customers were protected from the start, without any update required.

Furthermore, leveraging our advanced threat detection capabilities, the zLabs team has identified an additional 35 samples related to the Copybara campaign that were not covered in Cleafy’s report. This discovery underscores the complexity and evolving nature of ODF threats. 

At the same time, the zLabs team identified over 700 apps that were targeted by Copybara and were not previously reported. Information on the IOCs can be found in this repository.

To address the challenges posed by campaigns like Copybara, Zimperium offers a comprehensive suite of security solutions designed to protect enterprise devices and consumer devices. Our on-device, dynamic detection engine ensures real-time proactive protection against known and unknown mobile threats, including those that leverage social engineering and malware to conduct unauthorized transactions. 

If you want to learn more about mobile malware, Zimperium will be presenting at RSA a brief overview of the evolution of mobile malware, along with a comparison between mobile and desktop malware. Zimperium and the zLabs team also highlight the broader risks to financial apps and services against fraud and abuse in the Zimperium 2023 Mobile Banking Heists Report, as well as focused research findings on emerging threats and risks detailed in our annual Global Mobile Threat Report.
