January also brought two new mobile banking malware campaigns serving up the banking trojans FluBot and TeaBot. Last month, Bitdefender researchers discovered a raft of active campaigns that were flooding Android devices with the trojans through smishing and malicious Google Play apps that targeted victims with fly-by attacks.

As Bitdefender Labs said last month, researchers intercepted more than 100,000 malicious SMS messages trying to distribute Flubot malware since the beginning of December.

Cybercrooks’ zest for mobile malware makes sense, given that “access to cryptocurrency trading and banking on devices makes mobile platforms an attractive target for cybercriminals,” according to the report.

A separate report on mobile malware, published by Kaspersky on Tuesday, documented a downward trend in the number of attacks on mobile users year over year from 2021 to 2021. However, the attacks, though less numerous, are “more sophisticated in terms of both malware functionality and vectors,” according to Kaspersky.

Some examples of banking trojans new tricks, as pointed out by Kaspersy: In 2021, the Fakecalls banker, which targets Korean mobile users, was upgraded to drop outgoing calls to the victim’s bank and to play pre-recorded operator responses stored in the trojan’s body. As well, the Sova banker, which steals cookies, is now enabling attackers to access a target’s current session and personal mobile banking account without knowing the login credentials.