The number of attacks using banking Trojans, programs designed to steal users’ banking credentials in order to later exploit them and drain targets’ bank accounts, continued on its path in 2021. This is revealed in the annual report of the cybersecurity company Kapersky devoted to threats on mobile devices.
The threat is still strong. According to cybersecurity firm Kapersky’s annual report, 2.367million attacks using banking Trojansprograms designed to steal users’ banking credentials in order to later exploit them and drain targets’ bank accounts, were recorded in 2021. That’s only 600,000 less than in 2020.
France is thus part of the top 5 of the most affected countries with 0.57% of users hit by a banking Trojan, according to the report. Attackers have also upgraded their banking Trojans, with Kaspersky detecting over 95,000 new versions in the last year, many with improved capabilities.
Examples of Banking Trojans
The report mentions the banking Trojan Fakecalls, able to mute calls when users attempt to contact the bank, replacing audio recordings with answers prepared by the operator. This way, users think they are talking to a real bank employee or a standard answering bot, and thus unwittingly share sensitive information with attackers, the report notes.
Other malware acts more subtly. The Banking Trojan sova is capable of stealing users’ cookies and thereby accessing personal accounts in mobile banking applications, without necessarily knowing login information and passwords, the report explains.
Kaspersky observes that the attacks particularly target banking and gaming applications. The identifiers of the latter are often then sold on the darknet or used to steal virtual goods from users.
Nevertheless, overall, the number of attacks on mobile users worldwide decreased in 2021, reaching 46million compared to 63million in 2020. In France, its number has decreased by more than 30%. Kapersky believes that this development is due to the return of face-to-face employees and the end of telework introduced at the start of the pandemic. Indeed, in 2020, a wave of attacks had been observed. Since workers have returned to the office, cybercrime has been on the decline.
Which bank has the best app? Decrypted banking apps
save on fees and earn up to €400 thanks our comparison of life insurance
Caution to avoid these cyberattacks
This report is not intended to invite you to delete your banking applications, budget management or even your favorite games. However, some tips might be useful and reassure you about downloading and using these applications.
- Remember to download your applications only from the official app stores such as Apple App Store, Google Play or Amazon Appstore. They are checked by representatives of the store and there is a certain filtering system.
- Check them app permissions which you mostly use when dealing with high-risk permissions like accessibility services. For example, the only permission a flashlight app needs is for light, not camera access.
- Think update your operating system and important applications as updates become available. Many issues are resolved with updated versions of software.
Online banking: comparison of offers