Promon, an application shielding technology firm, recently identified a new cyber threat named FjordPhantom targeting banks in Southeast Asia.
A concerning finding revealed that more than 80% of the world’s top banking apps for Android are susceptible to FjordPhantom.
The malware operates by running targeted banking apps in a virtual environment with malicious components, which effectively bypasses standard security measures. Out of 113 top banking apps analyzed, 91 (80.5%) were successfully run in FjordPhantom’s virtual environment.
The United States showed a higher vulnerability, with 84.6% of its top banking apps affected, while the UK fared slightly better than the global average.
The study highlighted the robustness of FjordPhantom’s attack method. In September 2023, a customer in Southeast Asia lost 10 million Thai Baht (approximately $280,000) to this malware.
The susceptibility of these apps to such advanced threats underscores the urgent need for enhanced security measures in the FinTech sector.
“Promon head of security research Benjamin Adolphi said, “Our findings display the threat that FjordPhantom poses and just how easy it is to adapt the malware to target different apps, most of which are currently unable to protect against such attacks. At this moment in time, it appears that FjordPhantom’s use of weaponized virtualization is currently localized to countries in Southeast Asia.
“Yet, if paired with an effective method of transmission tailored for other nations, such as a wave of malicious emails and texts, it’s entirely possible that this malware could be used by hackers across the globe to target banking apps and commit widespread fraud.”
Copyright © 2023 RegTech Analyst
Copyright © 2018 RegTech Analyst
