Cyber Security News

Banking Malware Infects 248,000 Mobile Users Through Social Engineering Techniques

In 2024, the number of users affected by mobile banking malware skyrocketed to nearly 248,000, a staggering 3.6-fold increase from the previous year’s 69,000 affected users.

This dramatic rise in malicious activity was particularly pronounced in the latter half of the year, indicating an evolving threat landscape in the mobile finance sector.

Mamont Emerges as Dominant Threat

The Mamont Trojan family emerged as the most prolific mobile banking malware, accounting for 36.7% of all attacks.

First appearing in late 2023, Mamont primarily targeted users in Russia and CIS countries.

The malware’s distribution methods ranged from classic “Is that you in the picture?” scams to more sophisticated social engineering schemes involving fake stores and delivery tracking applications.

An example of a phishing site that mimics eBay

Geographical Hotspots and Evolving Tactics

Turkey remained the prime target for mobile banking malware, with 5.68% of users encountering financial threats, an increase of 2.7 percentage points from the previous year.

Indonesia and India followed, with 2.71% and 2.42% of users affected, respectively.

The geographical spread of attacks highlights the global nature of this threat.

According to the report, the landscape of mobile banking malware saw significant shifts in 2024.

While the previously dominant Bian.h variant dropped to eighth place, new samples like Agent.rj (11.14%), UdangaSteal.b (3.17%), and Coper.c (2.84%) entered the top rankings.

This diversification of malware families suggests that cybercriminals are continuously developing and deploying new tools to evade detection and maximize their reach.

Examples of phishing sites that mimic Amazon, Netflix, Apple and Alibaba

The surge in mobile banking malware attacks underscores the critical need for enhanced security measures in the mobile finance ecosystem.

As cybercriminals increasingly leverage social engineering techniques to distribute their malware, user awareness and robust security solutions become paramount.

Financial institutions and mobile app developers must prioritize security features such as multi-factor authentication and real-time threat detection to mitigate these evolving risks.

To protect against mobile banking malware, users are advised to download apps only from official app stores, use strong and unique passwords, enable multi-factor authentication, and install reputable mobile security solutions.

Additionally, staying vigilant against suspicious messages and verifying the authenticity of financial-related communications can significantly reduce the risk of falling victim to these sophisticated attacks.

As the digital finance landscape continues to expand, the arms race between cybercriminals and security professionals intensifies.

The dramatic increase in mobile banking malware infections serves as a stark reminder of the ongoing need for innovation in mobile security and user education to safeguard financial transactions in an increasingly mobile-first world.


Aman Mishra

Aman Mishra is a security and privacy reporter covering data breaches, cybercrime, malware, and vulnerabilities.
