Banking malware threats are increasing as cybercriminals target the rising popularity of mobile banking on smartphones with plots aimed at stealing personal banking credentials and credit card information, according to the Nokia 2021 Threat Intelligence Report.

The report, based on data aggregated from network traffic monitored on more than 200 million devices globally, showed an 80% year-on-year increase in the first half of the year in the number of new banking trojans, which also try to steal SMS messages containing one-time passwords. 

The strategies employed by banking trojans included:

  • Capturing keystrokes
  • Using a transparent overlay to capture banking login information
  • Screenshotting sensitive information
  • Targeting Google Authenticator codes

Significantly widespread malware apps noted by the report included FluBot, BlackRock and Cerberus, among others.

Banking malware has been targeted mainly at Android phones, for years the most targeted mobile device type for cybercriminals due to Android’s ubiquity and developer openness, with some banking trojans among the most successful malware attacks in 2021. Cyberattacks on Android devices made up more than 50% of all monitored malware attacks on mobile devices.

The report noted that most banking applications allow users to add a multi-factor authentication feature to their accounts to make it more difficult for cybercriminals to obtain personal information.

Download the full report here.