New Android Malware is A Threat to Online Banking Users


The Global Threat Index for June 2022 has been published, and it paints an interesting picture of the security of computer systems over the same period.

The data has also revealed that there is a new Android banking malware nabbed MailBot, and it seems to have been developed following the takedown of FluBot in May this year.

While it is new, MailBot has reached third place in the most prevalent mobile malwares list.

It hides in plain sight as a cryptocurrency mining app under different names and targets users of mobile banking to steal financial information.

Similar to FluBot, MaliBot uses phishing SMS messages (smishing) to lure victims into clicking on a malicious link that redirects them to the download of a fake application containing the malware. 

The ever infamous malware Emotet, is still the most prevalent malware overall.

Snake Keylogger comes in third after an increase in activity since appearing in eighth place last month.

Snake’s main functionality is to record users’ keystrokes and transmit collected data to threat actors.

While in May CPR witnessed Snake Keylogger being delivered via PDF files, recently it has been spread through emails containing Word attachments tagged as requests for quotations. 

Others such as Apache Log4j Remote Code Execution impact 43% of organizations worldwide, closely followed by “Web Server Exposed Git Repository Information Disclosure” which has a global impact of 42.3%. “Web Servers Malicious URL Directory Traversal” is in third place with a global impact of 42.1%.

In Kenya, Emotet has a country impact of 39.74% followed by SnakeKeylogger and Formbook each impacting 9.93% of organizations in the country.

Emotet is an advanced, self-propagating, and modular Trojan. Emotet was once used as a banking Trojan, but recently been used as a distributer to other malware or malicious campaigns.

In second position is SnakeKeylogger, which is a modular .NET keylogger and credential stealer first spotted in late November 2020.

Finally is FormBook, which is an Infostealer targeting the Windows OS and was first detected in 2016.


“While it’s always good to see law enforcement successful in bringing down cybercrime groups or malwares like FluBot, sadly it didn’t take long for a new mobile malware to take its place,” said Maya Horowitz, VP Research at Check Point Software. “Cybercriminals are well aware of the central role that mobile devices play in many peoples’ lives and are always adapting and improving their tactics to match. The threat landscape is evolving rapidly, and mobile malware is a significant danger for both personal and enterprise security. It’s never been more important to have a robust mobile threat prevention solution in place.”