Banking Trojan attacks targeting Android smartphones surged last year. As malware aimed at online banking and card information spread quickly, analysts said mobile financial security threats are growing.
According to the Mobile Malware Evolution report Kaspersky released on the 21st, banking Trojan attacks on Android smartphones in 2025 increased 56% from the previous year.
A banking Trojan is a type of attack that distributes malware designed to steal login details for online banking, electronic payment services, and credit card systems, and it mainly spreads through messenger apps and malicious web pages.
In addition, the number of new Android banking Trojan installation packages (APK) totaled 255,090 last year, up 271% from the previous year. Kaspersky said attackers are expanding distribution channels and continuously developing new malware variants to evade detection by security solutions.
In particular, preinstalled backdoors such as Triada and Qinadue were found more frequently than before. Backdoors integrated into firmware can effectively control smartphones and tablets without limit. Therefore, users should regularly check for firmware updates and, after updating, rescan devices with a security solution to verify the safety of the new firmware, Kaspersky noted.
Lee Hyo-eun, head of Kaspersky Korea, said, "As banking Trojans spread rapidly on smartphones, they are becoming a serious threat to mobile payment security," and added, "Users should increase security awareness, maintain safe downloading habits, update systems in a timely manner, and use professional security software to protect mobile devices and financial data."