Some of these banking trojans can also steal OTPs from your device
Moreover, these 639 apps collectively have over a billion downloads, according to Zimperium. After infecting a device, the trojan can overlay login pages inside actual finance or banking apps. This makes it easier to steal the user’s credentials. It can also nab OTPs or one-time passwords and tap into the device’s Accessibility settings to perform actions that are otherwise restricted to the owner. In surveys conducted among the U.S. population last year, three out of four users said they access banking apps every day for financial activities. As Bleeping Computer points out (via Phone Arena), this casts a larger net for potential victims. The U.S. is the most targeted country with 121 apps, trailed by the UK (55), Italy (43), Turkey (34), Australia (33), and France (31). Unsurprisingly, Teabot is the most active trojan, targeting 410 of the 639 tracked applications. Meanwhile, Exobot has a presence across 324 apps, accounting for more than 50% of the tracked apps. Indian financial app PhonePe is among the targeted apps with the most downloads. The trojans have also infiltrated Crypto app Binance and the popular mobile payments service Cash App. Both apps have over 50 million Play Store downloads and are in the crosshairs of multiple banking trojans.
Global banking app BBVA was the most widely targeted app
The highest or more commonly targeted app is BBVA, as per the report. This is an international online banking service with millions of downloads. Seven of the ten most active banking trojans have targeted the BBVA app. Zimperium further lists the most “prolific” banking trojans in the first quarter of 2022. The likes of BianLian, Cabassous, Coper, EventBot, and Exobot make up the top five, followed by FluBot, Medusa, Sharkbot, Teabot, and Xenomorph. You can stay ahead of these risks by only downloading apps from the Play Store. Users should also make sure their apps stay updated and go through the Play Store reviews.
