Find out which are the 10 most widespread Android Trojans in the world.
It is very common in the recent times that we have to inform you about a new banking trojan aimed at Android users, which pretends to be the official application of your bank. steal your account credentialsIntercept SMS sent by bank and even commit financial fraud pretend to be yourself by taking advantage of your mobile’s accessibility services,
In this sense, experts from the American cyber security company Zimperium have recently published a report that explains which are 10 Most Pervasive Android Trojans in the World,
These are the world’s 10 most widespread Trojans
According to Zimperium experts, the United States is The country with the most banking applications infected with Trojans, in which a total of 121 apps were attacked, are below in this order, 55 infected apps in UKItaly with 43, Turkey with 34, Australia with 33 and France attacked with 33 apps,
As far as the most attacked apps across the world are concerned, the first one is PhonePe, which is a very popular app in India. over 100 million downloadsIt is followed by one of the best cryptocurrency exchange apps, and Cash App, a widely used mobile payment service in both the United Kingdom and the United States, both. over 50 million downloads in play store.
Below is the app of the Spanish bank BBVA, which brings together Millions of downloads in the Google App Store,
Thus, according to the Zimperium researchers, The 10 Most Prolific Banking Trojans in the First Quarter of 2021 They were the following:
- teabot:this trojan is targeting PhonePe, Binance, Barclays, Crypto.com, Postpay, Bank of America, Capital One, Citi Mobile and Coinbase And it has a special keylogger for each application, which is loaded when the user launches the app.
- exobot: This Trojan attacks PayPal, Binance, CashApp, Barclays, BBVA and Caixabank And it is very small and lightweight because it uses system shared libraries
- flubot, The purpose of this Trojan is BBVA, Caixa, Santander and other Spanish applicationsBut, fortunately, Europol announced a few months ago that this malware has already been destroyed.
- sharkboat: This malware targeted Binance, BBVA and Coinbase And it has a rich set of anti-theft and anti-wipe capabilities
- bianlian: This Trojan attacks Binance, BBVA and many Turkish apps And it has a new variant, discovered in April 2022, that involves the theft of PhotoTAN, a widely used authentication method in online banking.
- EventBot: this trojan target Barclays, Intensa, Bancoposta and Other Italian AppsDisguise as Microsoft Word or Adobe Flash and Can Download New Malware Modules From Remote Sources
- kabasaus: This trojan has been targeted Barclays, Combank, Halifax, Loys and Santander and uses a domain generation algorithm (DGA) to avoid detection
- cup: This Trojan attacks BBVA, Caixa Bank, ComBank and Santander and actively monitors the device’s battery optimization “permission list” and modifies it to bypass restrictions
- medusa: this trojan target BBVA, CaixaBank, Ziraat and many Turkish banking apps, This malware can commit device fraud by abusing the accessibility service to act as a normal user on the victim’s behalf.
- Xenomorph: This Trojan is targeted For BBVA and many EU banking applications and can also act as a dropper to get additional malware onto the infected device
This study also shows that the two Trojans that attack the most applications are tbot, which infect 410 apps out of 639 tracked and exobot who did the same 324 apps out of 639 tracked,