Threat Report

Hunting the Command & Control Servers: Android Banking Trojans in the First Half of 2023

As the world increasingly relies on digital financial services, the threat of mobile banking trojans looms. These sophisticated attacks have the potential to cause significant damage to both financial institutions and their customers. This report aims to provide an overview of the latest trends in the threat landscape of Android banking trojans. Outseer’s FraudAction Anti-Trojan Service team (ATS team) has observed a concerning increase in the number of Command and Control (C&C) servers used by these trojans compared to the second half of 2022, indicating that these attacks are on the rise. Additionally, we have seen an alarming increase in the number of financial institutions and non-financial companies being targeted by these trojans.

This report will provide an overview of trending banking trojans observed in the first half of 2023, along with an analysis of the unique characteristics that set Android banking trojans apart from other types of Android malware. We will also delve into the various techniques used by malware authors to establish communication between infected devices and their C&C servers, which are hidden within the code of APKs. Lastly, we will discuss the importance of detecting and terminating the threat to minimize and prevent the potential damage these trojans can cause to organizations and their customers.

If you would like to confirm whether your brand is included in the list of overlay injections offered by this specific threat actor, kindly provide your request in the comments section of the form.
