Intelligent CISO Issue 51 | Page 58

Report identifies 600 mobile apps for banking , investing and cryptocurrency and examines risk of Trojans and the mobile apps they target , the report also chronicles how this threat is increasing . In fact , the malware known as both ExobotCompact . D and Octo was originally discovered in 2017 and is the oldest known banking Trojan outlined in this report . The Android / Bianlian Botnet malware is the next oldest banking Trojan assessed and was discovered in 2018 . The eight other banking Trojans in the report were all discovered since 2020 . Among other key findings :

intelligent MOBILE SECURITY
imperium – a mobile security

Z platform purpose-built for enterprise environments – has published new research detailing the increasing risk financial institutions and consumers worldwide face due to Trojan horse malware targeting mobile applications .

This new report titled , Mobile Banking Heists : The Global Economic Threat , examines more than 600 financial apps – which account for more than 1 billion downloads worldwide – and the degree to which 10 prolific banking Trojan families target them . The report provides an audit of who these trojans target , how they ’ re deployed , how they work and which countries are most impacted .
“ Not every Trojan targeting mobile and banking apps is created equal – they ’ re disseminated differently , use different exploitation techniques and vary in other degrees of reach and sophistication ,” said Nico Chiaraviglio , VP of Security Research at Zimperium . “ We ’ ve seen ad hoc reports of different banking Trojans over the past few years and , anecdotally , people may have recognised that they ’ re increasing in scope and frequency . But until now , no one has taken a step back to analyse and understand the big picture . That ’ s exactly what our Zimperium zLabs mobile threat research team has done .”
In addition to a detailed examination of 10 major banking Trojan families
• The most targeted mobile banking application is ‘ BBVA Spain | Online Banking ’ with over 10 million downloads . This one application is targeted by six of the 10 reported banking Trojans .
• In the US , 121 financial applications are being targeted by banking Trojans , accounting for more than 286,753,500 downloads . The UK and Italy are the next most-targeted countries with 55 and 43 apps targeted , respectively .
• The top three mobile financial apps targeted by Trojans focus on mobile payments and alternative asset investments , like cryptocurrency and gold . These three apps account for over 200,000,000 downloads globally .
• The most prolific family of banking Trojan is Teabot , which is being used to target 410 of the applications listed in the report .
Zimperium ’ s research team analyses several hundred thousand applications each day , with state-of-the-art Machine Learning models and other proprietary techniques . The samples covered in this report were collected and classified using this methodology . u
58 www . intelligentciso . com