In 2022, Kaspersky experts discovered nearly 200,000 new mobile banking Trojans, doubling the previous year. This worrying growth is also the highest ever recorded in the last six years. These and other findings are contained in Kaspersky's "Mobile Threats in 2022" report.
As mobile services and technologies evolve, threats are becoming more prevalent. To address this growing concern, Kaspersky experts continuously monitor the threat landscape, track trends, and keep users and the cybersecurity community informed about potential dangers. In 2022, Kaspersky products detected 1,661,743 malware or unwanted software installations.
One of the most widespread and worrying mobile threats is mobile banking Trojans, which are used to search for data related to online banking and electronic payment systems. Kaspersky detected 196,476 mobile banking Trojan installations in 2022, double the number in 2021 and the record for the past six years. This underscores that cybercriminals are targeting mobile users and are increasingly interested in stealing financial data and actively investing in creating new malware that can lead to major losses for their victims. Cyber criminals often proliferate banker Trojan malware through both official and unofficial app stores. Google Play still contains downloaders for banking Trojan families, such as Sharkbot, Anatsa/Teaban, Octo/Coper and Xenomorph, all disguised as utilities. For example, Sharkbot actively distributes downloaders that simulate a file manager that can request permission to install additional packages necessary for the Trojan to work on the user's device, putting its security at risk.
"Despite the decline in overall malware installations, the continued growth of mobile banking Trojans is a clear indication that cybercriminals are focusing on economic profit. As our lives increasingly revolve around mobile devices, it is critical for users to continue to pay attention to mobile threats and take the necessary steps to protect themselves." Tatyana Shishkova, Security Expert at Kaspersky.
The full report on mobile threats in 2022 is available on Kaspersky's Securelist.
To protect against mobile threats, Kaspersky recommend that you:
Download applications only from official stores such as Apple App Store, Google Play or Amazon Appstore. Although they are not 100% sure, at least store managers are checked, and a selection system is available: not all apps can be published on these stores.
Check the settings of the applications you use and be careful before authorizing an application, especially when it comes to high-risk applications such as Accessibility Services.
A reliable security solution can help detect malicious apps and adware before they start causing problems on your device. Importantly, it is possible to obtain protection, such as that offered by Kaspersky consumer products, directly from mobile operators.
iPhone users have some privacy controls provided by Apple and can block app access to photos, contacts, and GPS features if they feel these permissions aren't necessary.
Update your operating system and important applications as soon as the latest versions are available to address many security issues.
Kaspersky calls on the mobile industry to improve cyber protection at all levels, including user security, by providing tailor-made cybersecurity services. kaspersky Consumer Business Alliances enables companies to offer their customers a comprehensive portfolio of cybersecurity thanks to kaspersky's global support and expertise.