IS-Specialists Talked about the 10 Most Common Banking Trojans

The top 10 mobile banking Trojans for Android target 639 financial apps, which collectively have over a billion downloads on the Google Play Store.

According to the Zimperium report, which provides an overview of the Android ecosystem in the first quarter of 2021, each of the ten malware has taken its unique place in the market in terms of the number of victim organizations and special features that distinguish one Trojan from another.

Let me remind you that we also said that Octo banking android Trojan installed over 50,000 times, and that SharkBot Trojan Again Infiltrates the Google Play Store.

Most of all banking Trojans are attacked by:

  1. United States – 121 vulnerable applications;
  2. UK – 55 vulnerable applications;
  3. Italy – 43 vulnerable applications;
  4. Turkey – 34 vulnerable applications;
  5. Australia – 33 vulnerable applications;
  6. France – 31 vulnerable applications.

The Teabot trojan has the largest number of applications, with 410 of the 639 monitored applications. Right behind it is Exobot with 324 out of 639 apps.

The vulnerable PhonePe application was downloaded the most. It is extremely popular in India and has 100 million downloads from the Play Store. Binance, the popular cryptocurrency exchange app, has 50 million downloads. Cash App, a mobile payment service for the US and UK, also has 50 million installs on the Play Store. Both of these applications are also targets for several banking trojans.

The most popular target among hackers was BBVA, a global online banking portal with tens of millions of downloads. It is targeted by seven of the ten most active banking Trojans.

Most Popular Android Banking Trojans:

  1. BianLian – targets Binance, BBVA and a number of Turkish apps;
  2. Cabassous – targets Barclays, CommBank, Halifax, Lloys and Santande banks;
  3. Coper – targets BBVA, Caixa Bank, CommBank and Santander;
  4. EventBot – targets Barclays, Intensa, BancoPosta and various other Italian apps;
  5. Exobot – Targets PayPal, Binance, Cash App, Barclays, BBVA and CaixaBank;
  6. FluBot – targets BBVA, Caixa, Santander and various other Spanish applications;
  7. Medusa – targets BBVA, CaixaBank, Ziraat and a number of Turkish banking applications;
  8. Sharkbot – targets Binance, BBVA and Coinbase;
  9. Teabot – targets PhonePe, Binance, Barclays,, Postepay, Bank of America, Capital One, Citi Mobile and Coinbase;
  10. Xenomorph – targeted at BBVA and various banking applications in the EU;
To protect device from all these threats, users should carefully monitor their device updates, install apps only from the Google Play Store, visit the developer’s website, check user reviews, and try to install as few apps of the same type on your smartphone as possible.

Helga Smith

I was always interested in computer sciences, especially data security and the theme, which is called nowadays "data science", since my early teens. Before coming into the Virus Removal team as Editor-in-chief, I worked as a cybersecurity expert in several companies, including one of Amazon's contractors. Another experience: I have got is teaching in Arden and Reading universities.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button