March 3, 2025 – Cybercriminals significantly escalated their attacks on mobile banking data in 2024, with Trojan banker attacks surging by an alarming 196% compared to the previous year, according to Kaspersky’s latest report, The Mobile Malware Threat Landscape in 2024. The report was unveiled at the Mobile World Congress 2025 in Barcelona, highlighting a drastic shift in cybercriminal tactics.
Over the past year, Kaspersky detected more than 33.3 million attacks targeting smartphone users globally. This wave of cyber threats involved various types of malware and unwanted software, with a particular focus on financial data theft.
Trojan Banker Surge on Android Devices
Kaspersky’s analysis revealed that attacks using Trojan banker malware on Android smartphones skyrocketed from 420,000 cases in 2023 to a staggering 1,242,000 in 2024. These malicious programs are designed to steal online banking credentials, payment service logins, and credit card details.
Cybercriminals have been refining their deception tactics, tricking victims into downloading Trojan banker malware through SMS messages, messaging apps, malicious attachments, and fake websites. In many cases, attackers even hijack compromised contacts’ accounts to send fraudulent messages, making scams appear more legitimate.
Scammers Prioritizing Mass Distribution Over Unique Malware
“Scammers have started to scale down their efforts to create unique malware packages, focusing instead on distributing the same files to as many victims as possible. It is more important than ever to be cyber-literate and educate your loved ones – from children to the elderly – because no one is completely safe from well-crafted scams and psychological tricks designed to steal banking data,” said Anton Kivva, a security expert at Kaspersky.
Mobile Malware Landscape: Adware Dominates
Despite the sharp rise in Trojan banker attacks, they only ranked fourth in terms of the overall share of attacked users at 6%. The most widespread mobile threat in 2024 was AdWare, affecting 57% of attacked users, followed by general Trojans (25%) and RiskTools (12%).
On average, cybercriminals launched 2.8 million malware, adware, and unwanted software attacks on mobile devices each month in 2024. By year’s end, Kaspersky had blocked a total of 33.3 million such attacks worldwide.
Major Cyber Threats in 2024
Among the most active threats was Fakemoney, a group of fraudulent apps posing as investment and payout platforms. Additionally, modified versions of WhatsApp containing the Triada Trojan – capable of downloading and executing further malicious modules – were widely distributed. These unofficial WhatsApp modifications ranked as the third most active threat category, just behind general cloud-based threats.
How to Protect Yourself from Mobile Threats
Kaspersky recommends the following precautions to mitigate mobile security risks:
- Be cautious with app downloads: While official stores like the Apple App Store and Google Play are generally safer, they are not foolproof. Kaspersky recently discovered SparkCat, a screenshot-stealing malware that bypassed App Store security and infected 20 apps across both platforms. Always check app reviews, download numbers, and use only verified links from official websites.
- Review app permissions: Pay close attention to the permissions requested by apps. High-risk permissions, such as Accessibility Services, should only be granted when absolutely necessary. For example, a flashlight app should require only flashlight access, not camera or storage permissions.
- Keep software updated: Installing the latest updates for your operating system and important apps helps patch vulnerabilities and strengthen security defenses.
With mobile threats on the rise, staying vigilant and adopting security best practices is more crucial than ever.
