CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Mobile Banking Malware Campaigns Expand to 1,243 Financial Brands Across 90 Countries

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

A significant escalation in mobile banking malware campaigns is targeting 1,243 financial brands across 90 countries, with attacks now predominantly originating from compromised user devices. These campaigns leverage 34 active malware families affecting apps with over three billion cumulative downloads, marking a shift to industrialized, large-scale operations that evolve faster than traditional banking defenses. Mobile banking has become the dominant consumer channel, with 54% of users relying on apps for account management, increasing exposure to risk. Malicious activity has surged, including a 56% rise in Android banking trojan attacks in 2025 and a 271% increase in unique malware packages to 255,090. Online fraud rose 21% between 2024 and 2025, with one in 20 verification attempts flagged as fraudulent, and 80% of fraud now occurring through online or mobile platforms.

Timeline

  1. 19.03.2026 16:30 1 articles · 2h ago

    Mobile Banking Malware Campaigns Target 1,243 Financial Brands Globally

    A global surge in mobile banking malware campaigns is actively targeting 1,243 financial brands across 90 countries, with attacks shifting to user devices as the primary battleground. The campaigns leverage 34 active malware families, affecting apps with over three billion downloads, and have driven a 56% increase in Android banking trojan attacks in 2025 and a 271% rise in unique malware packages to 255,090. Modern malware now intercepts authentication codes, monitors live sessions, and mimics legitimate behavior, often controlling devices entirely. New variants like Sturnus and Crocodilus introduce "blackout" modes to facilitate fraud undetected.

    Show sources
    Open in new tab

Information Snippets

  • 1,243 financial brands across 90 countries are actively targeted by mobile banking malware campaigns, with 34 active malware families identified.

    First reported: 19.03.2026 16:30
    1 source, 1 article
    Show sources

  • Mobile banking apps with over three billion cumulative downloads are affected by the identified malware families.

    First reported: 19.03.2026 16:30
    1 source, 1 article
    Show sources

  • Android banking trojan attacks increased 56% in 2025, and unique malware packages rose 271% to 255,090.

    First reported: 19.03.2026 16:30
    1 source, 1 article
    Show sources

  • Online fraud increased 21% from 2024 to 2025, with one in 20 verification attempts flagged as fraudulent and 80% of fraud occurring via online or mobile platforms.

    First reported: 19.03.2026 16:30
    1 source, 1 article
    Show sources

  • Over 60% of banking apps lack basic code protection, enabling reverse engineering and tailored attacks by criminals.

    First reported: 19.03.2026 16:30
    1 source, 1 article
    Show sources

  • Modern malware families (e.g., TsarBot, CopyBara, Hook) now intercept authentication codes, monitor live sessions, and mimic legitimate app behavior, often controlling devices entirely.

    First reported: 19.03.2026 16:30
    1 source, 1 article
    Show sources

  • New malware variants such as Sturnus and Crocodilus introduce advanced techniques, including "blackout" modes that allow transactions to occur while the device appears inactive.

    First reported: 19.03.2026 16:30
    1 source, 1 article
    Show sources

  • The US has the highest concentration of targeted banking apps (162), followed by the UK (69), Spain (65), and Italy (52). Rapidly digitizing markets like India (42), Vietnam (23), and Malaysia (17) are also heavily targeted.

    First reported: 19.03.2026 16:30
    1 source, 1 article
    Show sources