Security News > 2022 > June > Top 10 Android banking trojans target apps with 1 billion downloads
The ten most prolific Android mobile banking trojans target 639 financial applications that collectively have over one billion downloads on the Google Play Store.
Mobile banking trojans hide behind seemingly benign apps like productivity tools and games and commonly sneak into the Google Play Store, Android's official app store.
Once they infect a device, they overlay login pages on top of legitimate banking and finance apps to steal account credentials, monitor notifications to snatch OTPs, and even carry out on-device financial fraud by abusing Accessibility services to perform actions as the user.
This finding is very worrying, as according to 2021 surveys, three out of four respondents in the U.S. use banking apps to perform their daily banking activities, providing a massive pool of targets for these trojans.
As it becomes clear from the above, each of the ten most prolific banking trojans maintains its own relatively narrow targeting scope, so the ecosystem is balanced and the operatives can pick the tool that matches their target audience.
To protect from all these threats, keep your device up to date, only install apps from the Google Play Store, check user reviews, visit the developer's site, and keep the number of installed apps on your device at a minimum.
News URL
Related news
- PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users (source)
- Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities (source)
- Banking Trojans Target Latin America and Europe Through Google Cloud Run (source)
- New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics (source)
- Vultur banking malware for Android poses as McAfee Security app (source)
- New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks (source)