ISLAMABAD: The number of Trojan banker attacks on Android smartphones increased by 56 per cent in 2025 compared to the previous year, 2024.

The claim was made by cybersecurity firm Kaspersky in a report titled “Mobile Malware Evolution.” This type of malware is designed to steal user credentials for online banking, e-payment services and credit card systems. Cybercriminals commonly distribute Trojan bankers through messaging apps as well as malicious webpages.

The number of new Trojan banker installation packages for Android (unique APK files) also increased sharply across the globe, reaching 255,090 packages. This may indicate that these tools generate substantial profits for cybercriminals. Experts believe that threat actors will continue to expand delivery channels and develop new Trojan variants in an attempt to evade detection by security solutions.

“Although Trojan bankers for smartphones are the fastest-growing type of malware, we also observed another important trend: preinstalled backdoors such as Triada and Keenadu appeared more frequently compared to previous years,” commented Anton Kivva, malware analyst team lead at Kaspersky.

He said people purchase completely new but infected Android devices and may be unaware of the threat.

“Once integrated into the firmware, fully functional preinstalled backdoors provide attackers with unlimited control over victims’ smartphones and tablets. As a result, all information on infected devices can be compromised. It is quite difficult to remove such malware,” he added.

If the device is infected, we recommend users check for firmware updates, the expert said, adding that after the update, run a scan of the device with a security solution again to make sure the newly installed firmware is not infected.

To stay protected from mobile threats, it has been recommended to download apps only from official websites and app stores for smartphones, such as the Apple App Store and Google Play, though the report warned that even downloading apps from official stores is not always risk-free.

“Check the permissions of apps that you use and think carefully before permitting an app, especially when it comes to high-risk permissions such as Accessibility Services. Update your operating system and important apps as updates become available. Many safety issues can be solved by installing updated versions of software,” it stated.

Published in Dawn, March 6th, 2026