Banking Data Theft Attacks
The number of Trojan banker attacks on smartphones saw a dramatic increase of 196 percent in 2024 compared to the previous year, according to a report by global cybersecurity company Kaspersky.
The report, titled “The Mobile Malware Threat Landscape in 2024,” highlights how cybercriminals are adapting their methods, shifting towards mass malware distribution to steal banking credentials from unsuspecting users.
Over the past year, Kaspersky detected more than 33.3 million attacks targeting smartphone users worldwide, involving different types of malware and unwanted software. One of the most alarming trends noted in the report is the significant rise in Trojan banker attacks on Android smartphones.
The number of such attacks surged from 420,000 in 2023 to 1,242,000 in 2024. Trojan banker malware is specifically designed to steal login credentials for online banking platforms, e-payment services, and credit card systems, putting users’ financial security at serious risk.
Victims often fall prey to these attacks after being tricked into downloading malicious software through various means. Cybercriminals use deceptive tactics such as sending links via SMS and messaging apps, attaching infected files in online conversations, or directing users to fraudulent websites.
The report further warns that attackers can even gain control of a hacked contact’s account and send messages that appear to be from a trusted source, making the scam seem more legitimate. To lower victims’ defenses, hackers often take advantage of trending news or create a false sense of urgency to pressure individuals into clicking on harmful links.
Anton Kivva, a security expert at Kaspersky, pointed out a shift in cybercriminal strategies. Instead of focusing on developing unique malware packages, scammers are now prioritizing widespread distribution of the same malicious files to target as many victims as possible.
He stressed the importance of cybersecurity awareness, emphasizing that everyone, from children to the elderly, needs to be informed about online threats. He added that well-crafted scams use psychological manipulation to steal banking data, making cyber literacy more essential than ever.
While Trojan bankers are the fastest-growing type of malware, the report revealed that they account for only six percent of all attacked users. The most prevalent category remains AdWare, which affected 57 percent of attacked users, followed by general Trojans at 25 percent and RiskTools at 12 percent.
Cybercriminals launched an average of 2.8 million malware, adware, and unwanted software attacks on mobile devices every month throughout 2024, with Kaspersky’s security products blocking a total of 33.3 million attacks over the year.
Commenting on the alarming rise in mobile banking malware attacks, Shahzad Shahid, an expert in IT and digital economy policy in Pakistan, called for a comprehensive approach to cybersecurity. He emphasized that public awareness and education are the first lines of defense against such threats.
People must be encouraged to practice safe digital habits, including avoiding suspicious links, enabling multi-factor authentication, and regularly updating their security software.
He also stressed the need for government intervention, suggesting that cybersecurity education should be integrated into academic curricula and that financial institutions and digital service providers should adhere to strict regulatory measures.
The report also warns users that even downloading apps from official stores does not guarantee complete safety. To minimize risk, Kaspersky advises users to carefully check app reviews and download numbers before installation, rely only on links from official websites, and use reliable security software.
It recommends using security solutions like Kaspersky Premium, which can detect and block malicious activity within applications, helping users safeguard their personal and financial data.
