One cybersecurity firm saw a doubling of such apps last year, a signal that cybercriminals are closing in on cavalier mobile users

With the evolution of mobile services and technologies, mobile threats are becoming increasingly prevalent. One cybersecurity firm has seen a doubling of mobile landscape threats from 2021 to 2022, comprising 1,661,743 malware or unwanted software installers detected in its protection ecosystem.

According to Kaspersky’s user base telemetry, one of the most prevalent and worrying mobile threats last year was mobile banking trojans: 196,476 were detected in 2022, twice more than in 2021, and the highest figure in its ecosystem in the past six years.

Cybercriminals often spread such trojan banker malware through both official and unofficial app stores. Google Play still contains downloaders for Sharkbot, Anatsa/Teaban, Octo/Coper, and Xenomorph — all disguised as utilities. For example, Sharkbot actively distributed downloaders mimicking a file manager that can request permission to install further packages necessary for the trojan to function on the user’s device, putting the user’s security at risk.

According to a security expert at the firm, Tatyana Shishkova: “Despite the decline in overall malware installers, the continued growth of mobile banking trojans is a clear indication that cybercriminals are focusing on financial gain. As our lives increasingly revolve around mobile devices, it’s more important than ever for users to remain vigilant against mobile threats and take the necessary steps to protect themselves.” 

Shishkova reminds readers to be wary when granting various types of access permissions to mobile apps during installation, especially when it comes to high-risk permissions such as Accessibility Services. Installing a reliable security watchdog on the device, as well as enabling privacy controls and automatic operating system updates are also important safety nets. Also, Kaspersky is calling on the mobile industry to enhance cyber protection at all levels, including security for users, by providing tailored cybersecurity services for different user profiles.