Banking malware threats surging as mobile banking increases

Press Release

Banking malware threats surging as mobile banking increases – Nokia Threat Intelligence Report

8 November 2021

Espoo, Finland – The Nokia 2021 Threat Intelligence Report announced today shows that banking malware threats are severely increasing as cyber criminals target the rising popularity of mobile banking on smartphones, with plots aimed at stealing personal banking credentials and credit card information.

The report, based on data aggregated from network traffic observed on more than 200 million devices globally where Nokia’s NetGuard Endpoint Security product is deployed, showed an 80%, year-on-year increase in the first half of the year in the number of new banking trojans, which also try to steal SMS messages containing one-time passwords.

“A meaningful amount of this activity is focused in Europe and Latin America, but this activity is continuously spread to other regions of the world,” according to the report. “Banking trojans use a variety of tricks to collect the information. These include capturing keystrokes, overlaying bank login screens with their own transparent overlay relaying captured information to the intended target, taking screen snapshots, and already accessing Google Authenticator codes.”

Banking malware has been targeted mainly at Android phones, for years the most targeted mobile device kind for cyber criminals due to Android’s ubiquity and developer openness, with some banking trojans among the most successful malware attacks in 2021.

The Threat Intelligence Report says that most banking applications allow users to add a multi-factor authentication characterize to their accounts to make it more difficult for cybercriminals to acquire personal information. Users are strongly recommended to avoid mobile banking from easily easy to reach public WiFi access points; and to use both multi-factor authentication when obtainable and strong passwords, which avoid shared personal details like birthdays.

The report also found that Covid-19 related malware incidents in residential networks have leveled off at 2.5% after a peak in December 2020 of 3.2%. This demonstrates that people are more aware of the threats posed by Covid-related cyber-attacks and are taking steps to obtain their home working ecosystem.

IoT botnets, a network of devices connected with malware, continue to grow in size and sophistication, due to the rising use of IoT devices, like “smart” refrigerators and video surveillance cameras. One known as Mozi, which uses a peer-to-peer command and control protocol, has been used to create botnets consisting of around 500,000 individual devices. Mozi actively scans the network and uses a suite of known vulnerabilities to adventure additional IoT devices. IoT botnets are responsible for 32% of the malware incidents detected by Nokia’s NetGuard Endpoint Security.

Nokia is scheduled to keep up a webinar on its latest Threat Intelligence Report on November 11. More details on the event can be found here.

Kevin McNamee, Director of Nokia’s Threat Intelligence Center, said: “Cybersecurity threats only evolve and look for new opportunities, as shown by this year’s report. Banking trojans have dramatically increased over the last year as digital banking becomes more common – and this is a trend we see continuing into the future which reinforces the need for better online practices and having strong endpoint security in place.”


About Nokia

At Nokia, we create technology that helps the world act together.

As a trusted partner for basic networks, we are committed to innovation and technology leadership across mobile, fixed and cloud networks. We create value with intellectual character and long-term research, led by the award-winning Nokia Bell Labs.

Adhering to the highest standards of integrity and security, we help build the capabilities needed for a more productive, sustainable and inclusive world.

Media Inquiries

Email: [email protected]

Nokia Oyj

Click: See details

Leave a Reply