Beware! Android Banking Trojan Attacks Surge 56 Percent in 2025

The cybersecurity landscape in 2025 shows a worrying trend for Android smartphone users. Kaspersky’s latest report titled “Mobile malware evolution” reveals a significant surge in banking Trojan attacks targeting users’ financial credentials.

Based on the data, the number of banking Trojan attacks increased by 56% compared to the previous year. This type of malware is specifically designed to steal sensitive information, from online banking credentials and electronic payment services to credit card data. Cybercriminals typically exploit messaging apps and malicious web pages as primary distribution channels.

Not only has the frequency of attacks increased, but the volume of new installation packages (unique APK files) has also seen a very sharp growth. This indicates that cybercriminals are continuously producing new variants to maximise profits and evade security system detection.

In addition to banking Trojans, another highly dangerous trend is the emergence of pre-installed backdoors on new devices, such as the Triada and Keenadu malware families. Anton Kivva, head of the Kaspersky malware analysis team, warns that users may purchase new Android devices already infected from the factory or distributor.

“Once integrated into the firmware, these backdoors give attackers unlimited control over the victim’s device. It is very difficult to remove such malware,” said Anton Kivva.

He advises users to immediately check for firmware updates and perform thorough security scans if infection is suspected.

These malware attacks have different characteristics in various regions, adapting to local user habits.

With threats continuing to evolve, digital vigilance is the key to protecting financial assets in the current era of mobile banking.