Mobile‑banking malware surge
Mobile‑banking malware is now targeting more than 1,200 financial apps worldwide — a broad, global surge that threatens smartphone-first banking users and fintech rails (infosecurity-magazine.com). This spike underlines why banks and fintechs are racing to harden mobile SDKs and detection systems to stop credential‑theft and real‑time fraud (infosecurity-magazine.com).
Zimperium’s zLabs says it tracked 34 active malware families that targeted 1,243 financial apps across 90 countries during 2025. (prnewswire.com) Those campaigns drove a 67% year‑over‑year rise in Android malware‑driven financial transactions, and Zimperium reports the U.S. had the largest concentration of targeted apps — 162, up from 109 in 2023. (prnewswire.com) Three families — TsarBot, CopyBara and Hook — together account for more than 60% of the global fintech and banking apps under attack, according to the same analysis. (prnewswire.com) Zimperium also found nearly half of the malware families include financial‑extortion or ransomware capabilities, enabling attackers to encrypt device files in addition to stealing credentials. (prnewswire.com) Security vendors and industry analysts point to app shielding, runtime application self‑protection (RASP), code obfuscation and SDK vetting as concrete defensive moves banks are adopting, and industry guidance stresses extending protections into the mobile runtime. (guardsquare.com (build38.com) Independent telemetry from Kaspersky shows banking‑trojan attacks on smartphones surged in 2024 (a 196% increase year‑over‑year with 1,242,000 detections), adding corroborating evidence that the shift to on‑device fraud predated and feeds into the 2025–26 rise Zimperium documents. (kaspersky.com)
