“Gartner Listed - mobile application security guide”

February 17, 2017

Banks need to catch up with cybercriminals

New threats are emerging for UK banks, showing the need for mobile app security testing and malware protection, as mobile app users at Lloyds Bank Group were victims of a DDOS attack, and a new Trojan being leaked online shows there are greater risks of identity theft and fraud.

Research from application security specialist, Promon, states that banks are making their infrastructure a target due to their negligence of mobile security and mobile app security testing. As the stakes are getting higher the cybercriminals are getting more serious, moving from trying to crack account passwords to sophisticated organised criminal operations that aim to make substantial financial gains. As security for our online lives improves these cybercriminals are getting creative with new ways to steal someone’s identity, including ransomware, malware, and traditional social engineering techniques.

Head of Communication at Promon Lunde Birkeland said: “What we are seeing now is a steady development of a thriving internet of malware – a place where cybercriminals can work on their skills, share tips and tricks and create a community that is seeing the financial sector as a highly lucrative target, with the mobile channel a rapidly growing area for exploitation. Despite this clear and present danger, banks and financial institutions are still failing to fully comprehend the scale of the threat on their doorstep.”

The new banking Trojan, BankBot, has so far targeted Russian Android devices for their bank details, SMS messages, as well as tracking the device, making calls, and stealing sensitive card information.

With smartphone usage on the rise in the UK, banks are going to face serious consequences from ignoring mobile security and mobile app security testing. As more financial transactions originate from mobiles there will be more room for hackers to plan and launch their attacks. Banks need to get in front of this problem with mobile app security testing and malware testing instead of waiting as their own problem rather than to leave it for the operating system or device manufacturer.

Codified Security is here to help make your mobile app secure whether it’s for iOS, Android, or to make sure you’re clearing the OWASP Mobile Top 10. For mobile app security testing try out Codified Security.