LAHORE: Cybercriminals are shifting tactics, increasingly relying on mass malware distribution to steal banking credentials. This has led to a 196 per cent surge in the number of Trojan banker attacks on smartphones in 2024 compared to the previous year.

According to a Kaspersky report, ‘The Mobile Malware Threat Landscape in 2024’, the company detected over 33.3 million attacks on smartphone users globally in the past year, involving various types of malware and unwanted software.

The number of Trojan banker attacks on Android smartphones rose from 420,000 in 2023 to 1,242,000 in 2024. Trojan banker malware is designed to steal user credentials for online banking, e-payment services, and credit card systems.

Cybercriminals trick victims into downloading Trojan bankers by spreading malicious links via SMS and messaging apps, embedding them in attachments, and directing users to fraudulent webpages. Attackers often exploit trending news and hype topics to create a sense of urgency, lowering victims’ defences. They may even send messages from hacked contacts, making the scams appear more trustworthy.

Cybersecurity expert Arsalan Bokhari warned that Pakistani banking users are not exempt from the global rise in banking Trojan attacks. “This has become a serious financial security threat in Pakistan, where financial scams are reported almost daily,” he said. Bokhari stressed the need for stronger cybersecurity laws and stricter regulations on digital banking. However, he emphasised that public awareness is equally crucial.

He urged the government, financial institutions, and telecom operators to collaborate on nationwide awareness campaigns using social media, television, and SMS alerts. “Educating users about phishing scams, safe banking practices, and the importance of cybersecurity can significantly reduce such attacks,” he added.

Scammers have increasingly shifted away from creating unique malware packages, focusing instead on distributing the same malicious files to as many victims as possible. Bokhari highlighted the importance of cybersecurity awareness for all age groups, from children to the elderly, as no one is completely safe from well-crafted scams and psychological tricks designed to steal banking data.

Although Trojan bankers are the fastest-growing type of malware, they rank fourth overall in terms of the share of attacked users, accounting for 6 per cent. The most widespread category remains AdWare, which affects 57 per cent of attacked users, followed by general Trojans (25 per cent) and RiskTools (12 per cent). These categories include malware, adware, and unwanted software.

In 2024, cybercriminals launched an average of 2.8 million malware, adware, and unwanted software attacks on mobile devices each month. Over the year, Kaspersky products blocked a total of 33.3 million attacks.

One of the most active threats in 2024 was ‘Fakemoney’, a group of scam apps designed for fake investments and payouts. Another major concern was modified versions of WhatsApp containing the Triada-type Trojan — a malware that can download and execute additional malicious or adware modules. These unofficial WhatsApp mods ranked third in activity, just behind a general category of cloud-based generic threats.