Banking apps under siege as cyber attacks skyrocket.

December 17, 2023
1 min read
  • Approximately 1,800 financial apps globally have been compromised by 29 different malware families, hinting at a surge in mobile banking cyberattacks.
  • These attacks have primarily targeted traditional banking apps from the U.S., UK, and Italy, according to a report published by mobile cybersecurity company Zimperium.
  • Hook, Godfather, and Teabot were identified as the most prevalent banking backdoors, while 19 other malware families have been updated to include new capabilities.

Over the past year, the increasing number and sophistication of cyber threats have put mobile banking security under significant strain. Cybersecurity firm Zimperium has discovered that around 1,800 financial apps have been breached by nearly 30 different malware families. Furthermore, the entities most often targeted were the traditional banking apps of banks based in the U.S., UK, and Italy.

Zimperium identified Hook, Godfather, and Teabot as the most common banking backdoors used in these cyberattacks. These, along with 19 other malware families, have been updated to incorporate new tactics, such as the Automated Transfer System, Telephone-based Attack Delivery, and screen sharing. There has also been a rise in malware-as-a-service trojans, revealing the ever-evolving nature of these threats.

Zimperium’s Chief Scientist, Nico Chiaraviglio, emphasized the need for comprehensive, real-time, on-device mobile security measures to counter these advanced threats. He stated, “We are seeing that they are finding ways to bypass traditional defenses, which is why it is critical that banking and financial organizations employ comprehensive, real-time, on-device mobile security to combat these intelligent adversaries.”

Given the current high stakes in mobile banking security, the shift towards more robust and proactive protection is an imperative. The evolving sophistication of these malicious threats underscores the importance of employing thorough and up-to-date cybersecurity measures, particularly for banking and financial organizations.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and