Probably one of the most notorious terms in cyber security, a Trojan is a type of malware that acts according to the Greek legend: it camouflages itself as a legitimate file or program to trick unsuspecting users into installing it on their PCs.

Upon doing this, users will unknowingly give unauthorized, remote access to the cyber attackers who created and run the Trojan. Trojans can be used to spy on a user’s activity (web browsing, computer activity, etc.), to collect and harvest sensitive data, to delete files, to download more malware onto the PC and more.

What Happened?

According to the quarterly data that Kaspersky publishes on mobile virus dissemination, a declining trend that began in late 2020 has been observed. The security business notes an increase in the dissemination of trojans, including generic trojans, banking trojans, and spyware, despite the general decline in the number of malware.

This worrisome turn of events highlights an increased emphasis on more complex and destructive activities, which are rapidly replacing low-yielding adware and “risk-tools.”

Adware and so-called “risk tools” continue to be the most common in terms of distribution numbers, with the latter accounting for over half of all efforts to infect mobile devices with malware that were discovered by Kaspersky in the first quarter of 2022.

The number of mobile banking trojans that have been discovered has climbed by around 40 percent compared to the previous quarter, and the figure has doubled when compared to the statistics from the first quarter of 2021.


For the purpose of stealing users’ login credentials, this kind of malware generally superimposes fake login panels on top of actual banking or cryptocurrency management software.

Because banking trojans are becoming more freely distributed and inexpensively accessible on hacker forums and Telegram channels, the number of cybercriminals with modest levels of expertise using them is growing.

As BleepingComputer reports, a new malware family “Trojan-Banker.AndroidOS.Bray” is the one that drove the distribution numbers higher this quarter. This family was responsible for 81 percent of all mobile trojan detections in the first quarter of the year.

Kaspersky has noted several intriguing patterns at the start of this year, the most prominent being an increase in fraud programs promoted through legitimate app store channels such as Google’s Play Store.


In the first quarter of 2022, fraudsters leveraged the Russian invasion of Ukraine to provide fraudulent public benefit applications offering cash help in reaction to sanctions and transactional limitations. However, these applications did little more than stealing money from customers by leading them to dangerous websites on the internet.

Another danger to be aware of is the proliferation of predatory payday loan applications, the majority of which are directed against users in India, Brazil, and Mexico.

Kaspersky classifies them as “RiskTool.AndroidOS.SpyLoan”, and states these applications seek access to the user’s contact lists, SMS, and images during installation. If the payment is not made on time, this information may be utilized to coerce more payment.

Follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Mobile Ransomware: The Next Step for Cybercriminals     

Malware as a Service (MaaS). What It Is and How It Can Threaten Your Business?

What is a Remote Access Trojan (RAT)?

Android Malware: Your Mobile Device Isn’t Safe from Hackers

Leave a Reply

Your email address will not be published. Required fields are marked *