The year 2023 witnessed a chilling rise in Android banking malware, with a staggering ten new trojan families emerging to prey on unsuspecting mobile users.

These digital wolves in sheep’s clothing targeted a colossal 985 bank apps, spanning across a vast landscape of 61 countries. This alarming statistic paints a grim picture of a rapidly evolving cybercrime landscape, where even our most trusted financial tools are under constant siege.

Zimperium has examined ten new banking trojans with over 2,100 variants circulated in the wild, masquerading as special utilities, productivity apps, entertainment portals, photography tools, games, and education aids.

Buy Me a Coffee

These ten new trojans are listed below:

  1. Nexus: MaaS (malware-as-a-service) with 498 variants offering live screen-sharing, targeting 39 apps in nine countries.
  2. Godfather: MaaS with 1,171 known variants targeting 237 banking apps in 57 countries. It supports remote screen-sharing.
  3. Pixpirate: Trojan with 123 known variants powered by an ATS module. It targets ten bank apps.
  4. Saderat: Trojan with 300 variants targeting eight banking apps in 23 countries.
  5. Hook: MaaS with 14 known variants powered by live screen-sharing. It targets 468 apps in 43 countries and is rented to cybercriminals for $7k/month.
  6. PixBankBot: Trojan with three known variants targeting four banking apps. It comes with an ATS module for on-device fraud.
  7. Xenomorph v3: MaaS operation with six variants capable of ATS operations, targeting 83 bank apps in 14 countries.
  8. Vultur: Trojan with nine variants targeting 122 banking apps in 15 countries.
  9. BrasDex: Trojan that targets eight bank apps in Brazil.
  10. GoatRat: Trojan with 52 known variants empowered by an ATS module, targeting six banking apps.
READ
What You Should Never Share on Social Media: Protecting Your Privacy and Security

Of the malware families that existed in 2022 and were updated for 2023, those that maintain notable activity are Teabot, Exobot, Mysterybot, Medusa, Cabossous, Anubis, and Coper.

Regarding the most targeted countries, first on the list is the United States (109 targeted bank apps), followed by the United Kingdom (48 bank apps), Italy (44 apps), Australia (34), Turkey (32), France (30), Spain (29), Portugal (27), Germany (23), and Canada (17).