Cybercriminals have been actively targeting the banking sector as they release malware threats that strike mobile finance applications to steal victims’ banking credentials and credit card details. Based on data from network traffic observed on over 200 million international devices, there was about an 80% yearly increase of new banking malware and trojans that steals text messages sent containing one-time passwords (OTP) from 2021’s first half.
Reports state that the malware activities on banking applications are targeted to Europe and Latin America. Nonetheless, it was also highlighted that cybercriminals are continuously spreading these activities all over the world.
Furthermore, it was known that banking trojans collect and steal data through various tricks, such as overlaying banking applications’ login screens with a transparent overlay that captures the credentials entered by the victim. Other tricks include taking unsolicited screenshots and accessing Google Authenticator codes.
Android phones are usually the devices that get hit by mobile banking malware. Cybercriminals tend to be interested in Android’s operating system due to its omnipresence and openness to developers.
Most mobile banking applications let users add multi-factor authentication (MFA) feature to secure their accounts against the threats of cybercriminals. Experts have advised consumers to avoid using their banking application accounts if connected to public WiFi access points. Avoiding common password combinations such as birthdays are also highly suggested, along with enabling MFA.
Additional data stated that pandemic-related malware incidents against residential networks had stabilised recently with a 2.5% rate after peaking last December 2020 with a 3.2% rate. Researchers said that this data demonstrated people’s awareness of cyber threats delivered by the pandemic and took extra efforts to secure their environment from potential risks.
IoT botnets are also reported to have been rising in size and sophistication because of the growing use of IoT devices worldwide, like surveillance cameras (CCTV) and smart refrigerators. IoT botnets are explained as a set of devices that have been infected with malware.
Cybersecurity experts conclude that threats such as malware infection against mobile banking applications only evolve each passing time as they look for further opportunities to execute attacks. Since banking and financial apps have become prevalent worldwide, banking trojans leverage the chance.