Mobile Banking Trojans as Keen on Cryptocurrency as PC Malware

Recent research from IBM X-Force highlighted banking Trojan operators’ increasing interest in stealing cryptocurrency and analyzed a web injection scheme the TrickBot Trojan used to deliver stolen coins to attackers’ wallets. This trend by no means skipped the mobile malware realm.

 

Mobile malware dedicated to stealing cryptocurrency usually leverages malicious miners that infect devices to collect coins through a mobile web browser or via nefarious apps. But if profitability is the main goal, mining on a mobile device may not be the most efficient method for attackers.

Mobile devices have limited processing power to lend to mining coins, which translates to low returns. In addition, these devices are not connected to a continuous source of electricity, meaning that users are likely to suspect an issue when a device slows down or overheats, potentially resulting in permanent physical damage.

Crooks operating mobile banking Trojans don’t install miners on the device. Rather, they typically steal existing coins from unsuspecting owners using mobile malware that creates the same effect as web injections: Cybercriminals trick users with fake on-screen information, steal their access credentials and take over accounts to empty coins into their own wallets.

Continue reading this post here.