A new report has audited banking apps available on the Google Play app store and found that a group of popular apps has been targeted by 10 financial trojan malware families.
Collectively, these apps have been downloaded over a billion times — and all of those downloads were vulnerable to potential trojan attacks.
In the US alone, 121 financial apps in categories including payment apps and blockchain wallets accounted for over 286 million downloads from the Google Play Store. Here's what to know so that you'll be ready the next time you consider downloading a new payment service.
193 Million Americans Potentially at Risk
The report, titled “Mobile Banking Heists: The Global Economic Threat” and out from mobile security platform Zimperium, identified two types of banking trojans.
The first kind is part of a larger attack, designed to secretly steal the victim's banking credentials while dismantling multifactor authentication on the mobile device. The second kind is more direct, using keylogging tools and screen scrapers to steal money right from the victim's bank account. Needless to say, both types of trojans are bad news.
Only a little over 600 financial apps being targeted — the report's one billion figure refers to the total number of times all of those apps have been downloaded.
The number of people who could be impacted is large: Three out of every four Americans, or about 193 million, use banking apps on a daily basis for simple tasks like checking their balance or transferring assets. They're all at risk for trojans.
What Apps to Worry About
What types of apps pose the biggest threat to your mobile security? Payments apps and cryptocurrency, the report indicates.
“The top three mobile financial apps targeted by trojans focus on mobile payments and alternative asset investments, like cryptocurrency and gold,” the report says. “These three apps account for over 200,000,000 downloads globally.”
In other words, the biggest and best targets for malicious actors are apps aimed at emerging financial fields.
Mobile payments are on the rise, with news items like Apple recently launching its own Buy Now, Pay Later service only drawing further interest to the space. And if you pay attention to the news, I likely don't need to tell you how big cryptocurrencies have been in recent years (even if they've been on a consistent downturn recently).
Staying Safe While Banking
One survey found that 48% of today's teenagers use mobile devices or websites to manage their money — and that's a perfectly reasonable way to track your finances. However, with banking apps offering the perfect target for the scammers of the world, it's a big security risk as well.
Only download an app you recognize from a location you trust, and even then, stay wary for seemingly official pop-ups that ask for your login data or lead to secondary website.
Getting a good VPN can help as well, and all of the best options are available on both mobile and desktop. But whatever you do, don't download any old VPN, as security apps are another potential target. We've rounded up the safest options here, and we link directly to the official websites as well.