Mobile Devices Targeted by 33.3 million Cyber Attacks in 2024, with 3rd party versions of WhatsApp and Adware being top threats

In 2024, a significant total of 33.3 million attempts involving malware, adware, and other unwanted mobile software were successfully blocked. This translates to an alarming average of 2.8 million attempted attacks every month, underscoring the ever-present and evolving threats mobile users face globally.

Research shows that adware continues to be the most common mobile security risk, making up around 35% of all detected malicious activities. According to Ani Petrosyan, cybersecurity analyst and researcher, In the third quarter of 2023, the number of installation packages for mobile banking trojans worldwide amounted to 21,674 with a slight decline in 2024.

Although there was a slight decline in the number of unique malware installation packages compared to past years, the overall threat landscape seems to be stabilising rather than shrinking. This suggests that cybercriminals are refining their methods, rather than abandoning them.

One of the most concerning trends observed was the rise of modified messaging applications embedding the Triada Trojan family. Third-party versions of WhatsApp containing the Triada.ga Trojan, were ranked among the top mobile threats. Other messaging app modifications harbouring similar malicious code, such as Triada.fd, Triada.gs, Triada.gn, and Triada.gm, also featured prominently in the threat landscape.

Another notable development was the rise of the increasingly sophisticated Fakemoney scam app family, which demonstrated the highest activity levels in 2024. These deceptive apps prey on users by promising fraudulent investment opportunities and payouts, manipulating users' financial desires.

Banking Trojans have also become a growing menace. The Mamont banking Trojan family was a key threat in 2024, ranking fourth in the overall mobile threat landscape. Researchers uncovered a new method of distribution targeting Android users in Russia, where attackers offered discounted products. When users interacted to make purchases, they were sent phishing links that led to malware disguised as shipping tracking apps.

The malware used a combination of social engineering and technical exploitation to steal banking credentials and financial information. It often abused permissions, requesting SMS access to intercept authentication codes, and used accessibility services to overlay fake login screens.

Regional threats were also noted, with Turkey and India seeing the highest concentrations of banking malware. In Turkey, users were targeted by various Piom Trojans connected to GodFather and BrowBot campaigns, while India faced malware like Rewardsteal bankers and SmsThief, which intercepts SMS messages.

Experts recommend users keep their security software updated, avoid downloading apps from unofficial sources, carefully assess app permissions, and be cautious of unsolicited messages with suspicious links to minimize the risk of falling victim to these evolving mobile threats. A YubiKey is also a recommended way to increase protection against phishing and other cyber-attacks.

Sources:

https://www.statista.com/statistics/1319611/mobile-banking-trojan-installation-packages-detected-worldwide/#statisticContainer

https://cybersecuritynews.com/33-3-million-cyber-attacks-targeted-mobile-devices/