Cybersecurity researchers discovered 196,476 new mobile banking Trojan installers in 2022, more than double the figures from 2021.
The findings from Kaspersky were shared in a company report published earlier today and shared with Infosecurity via email.
“This alarming surge in the number of mobile banking Trojans is also the highest ever reported in the last six years,” the company wrote.
According to the security experts, the figures suggest that cyber-criminals are increasingly targeting mobile users to steal financial data and actively investing in creating new malware.
“Cyber-criminals often spread Trojan banker malware through both official and unofficial app stores,” reads the report.
“Google Play still contained downloaders for other banking Trojan families, such as Sharkbot, Anatsa/Teaban, Octo/Coper, and Xenomorph, all masquerading as utilities.”
More generally, Kaspersky wrote it detected 1,661,743 malware or unwanted software installers overall in 2022, 1,803,013 less than in 2021.
“Despite the decline in overall malware installers, the continued growth of mobile banking Trojans is a clear indication that cyber-criminals are focusing on financial gain,” explained Kaspersky security expert Tatyana Shishkova.
“As our lives increasingly revolve around mobile devices, it’s more important than ever for users to remain vigilant against mobile threats and take the necessary steps to protect themselves.”
The report also contains a series of recommendations to help users defend themselves against mobile threats.
These include downloading apps only from official stores. App permissions should also be checked regularly, and apps always kept up to date.
“A reliable security solution can help you to detect malicious apps and adware before they start behaving badly on your device,” Kaspersky told Infosecurity in an email.
“iPhone users have some privacy controls provided by Apple, and users can block app access to photos, contacts and GPS features if they think these permissions are unnecessary.”
The Kaspersky report seems to confirm a September 2022 forecast by PwC suggesting mobile would be one of the top threat vectors for this year.