More people use mobile financial services and payments, inviting criminals to follow consumers to the mobile channel.
Mobile malware innovations and this deluge of malicious activity targeting mobile users signal that criminals are investing more time and effort than ever in finding ways to defraud mobile users.
Publishers of financial apps need to protect their institutions and customers by matching attackers’ increasing investments with app security investments and innovations of their own.
Users don’t have all the tools they need to ensure the security of their mobile devices, so it’s all the more important for providers of mobile financial services to help users by hardening mobile apps with technology such as mobile app shielding, which can detect and respond to these sorts of attacks (even on compromised devices) before attackers can profit.
The numbers tell the story. Kaspersky Lab’s mobile malware evolution report for 2018 reveals what the endpoint security company says could be “the strongest cybercriminal onslaught” against mobile users in history. The company reports nearly two times as many mobile malware attacks in 2018 (116.5 million) versus 2017 (66.4 million).
Last year also set records for mobile banking Trojans. The company recorded never-before-seen levels of mobile banking Trojan attacks in the second half of 2018 — almost 9 million more than in the second half of 2017. If you pay any attention to Kaspersky Lab’s quarterly reports, these findings are likely not a surprise. The surge in mobile banking Trojan attacks began in May 2018 and peaked in September.
The report concludes by stating, “For seven years now, the world of mobile threats has been constantly evolving, not only in terms of number of malicious programs and technological refinement of each new malware modification, but also due to the increasing ways in which money and valuable information can be acquired using mobile devices.”
An example of the evolution in mobile threats is mobile banking malware increasingly taking advantage of Android Accessibility Services. These services make it easier for people to interact with Android apps or devices outside of the traditional interface (e.g., someone with impaired vision can control their Android device with their voice rather than having to tap the screen). Unfortunately, accessibility services also enable an app to interact with other apps on the device and in some cases take advantage of them.
At the end of 2018, researchers discovered Android malware that posed as a battery optimization app but instead targeted the PayPal app and used accessibility services to send money to an account controlled by the attacker. Worst of all, this attack occurred in a matter of seconds so that users had no time to intervene.