McAfee: Year of lockdown sees surge in mobile malware targeting banking, billing and Covid-19 vaccines

McAfee’s latest Mobile Threat Report finds hackers capitalising on the pandemic to target unsuspecting consumers. 

McAfee’s Advanced Threats Research team released its Mobile Threat Report 2021, which found hackers are using fake apps, Trojans and fraudulent messages to target consumers. Last year, McAfee revealed that hidden apps were the most active mobile threat facing consumers. But following a year of lockdowns and a surge in time spent online and on devices, fraudsters are capitalising on this with more approaches. With most of the world still anxious about COVID-19 and demand for vaccines high, McAfee’s research sheds light on how hackers are targeting these fears with bogus apps, text messages, and social media invitations.

“The pandemic changed the way consumers live, meaning hackers have adapted to switch up the various methods they use to target consumers. With more people connected online than ever before, we want to make sure we are doing everything possible to help refocus consumer’s digital mindsets to protect what matters to them and their friends and family – their personal data,” Judith Bitterli, Senior Vice President, Consumer Business Group at McAfee. “Mobile threats remain prevalent in our world and as fraudsters use more advanced methods, this will only continue. We aim to support consumers in safeguarding their personal devices and more importantly, personal data.”

Over the past year, the vaccine rollout has advanced at different rates across the globe, providing plenty of opportunities for hackers. McAfee Advanced Threat researchers found that hackers are hiding malware and malicious links inside fakes vaccination appointments and registration display ads. These have the potential to download malware onto a person’s device that displays unwanted ads, as well as activating accessibility features to give the hacker full device control, with the goal of stealing banking details and credentials. According to the research, some of these campaigns worryingly started as early as November last year, before any vaccines had officially been approved, while others continue to appear as countries roll out their vaccination programmes in the fight against COVID-19.

“We’ve seen how the pandemic not only led to an increased dependence on mobile devices, but how it has prompted bad actors into developing new ways of tricking consumers and stealing their personal data. As well as these advanced forms of malware and deceit, we’ve seen that hackers are also returning to billing scams, but using new tricks,” said Raj Samani, McAfee Fellow and Chief Scientist. “As consumers continue to carry out daily activities on-the-go, it is critical that they stay educated and proactive about protecting their personal data.”

The latest McAfee Mobile Threat Report 2021 highlights the following mobile threat trends:

  • COVID-related malware: According to the McAfee COVID-19 Dashboard, more than 90% of all pandemic-related malware took the form of Trojans. McAfee researchers found evidence of an SMS worm targeting Indian consumers, forming one of the earliest vaccine fraud campaigns.Both SMS and WhatsApp messages encouraged users to download a vaccine app and once downloaded, malware sent itself to everyone in the user’s contact list via SMS or WhatsApp. The malware behind this is the same family that was involved in India’s ban on the Tik-Tok app last July.
  • Billing fraud malware that makes purchases behind the backs of consumers: McAfee researchers have also uncovered new information on mobile malware dubbed Etinu. Targeting users in Southwest Asia and the Middle East predominately, Etinu was found being distributed via Google Play, with more than 700K downloads before being detected and removed. Once an app harbouring this malware is installed via the Google Play Store, the malware steals incoming SMS messages using a Notification Listener function. It can then make purchases and sign up for premium services and subscriptions that get charged to the user’s account.
  • Hackers are using banking Trojans to target hundreds of financial institutions around the world: McAfee Mobile Security detected a 141% increase in Banking Trojan activity between Q3 and Q4 2020. Most Banking Trojans are distributed via mechanisms such as phishing SMS messages to avoid Google’s screening process. During its research, McAfee discovered Brazilian Remote Access Tool Android (BRATA) – a popular banking Trojan – that repeatedly managed to get onto the Google Play store and as a result, tricked thousands of users into downloads.

READ MORE:

About McAfee

McAfee is a leader in personal security for consumers. Focused on protecting people, not just devices, McAfee consumer solutions adapt to users’ needs in an always-online world, empowering them to live securely through integrated, intuitive solutions that protect their families and communities with the right security at the right moment.

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

TPIs are the Future of Energy Solutions

David Sheldrake SVP POWWR • 19th June 2025

The energy industry is undergoing a transformation, and Third-Party Intermediaries (TPIs), those brokers and consultants who help businesses procure energy, are at the centre of it. With growing complexity, increasing regulation, and evolving customer expectations, the role of TPIs is shifting from price-focused brokers to strategic energy advisors. While renewable energy adoption continues to reshape...

Quick Commerce and the Retail Media Revolution

Sue Azari • 11th June 2025

Quick commerce has transformed the way consumers shop, redefining convenience with near-instant delivery of groceries, meals, and household essentials. However, beyond its impact on logistics and e-commerce, quick commerce is now emerging as a major force in digital advertising. As consumer behaviours shift toward on-demand purchases, these platforms are leveraging their vast first-party data and...

Is It Time for a VMware Alternative?

Wind River • 22nd May 2025

Companies have options when it comes to replacing VMware as their cloud platform, to address rising costs, support concerns, and a shrinking partner ecosystem. If you are ready to contemplate a different vendor, here are five reasons why Wind River Cloud Platform should be on your short list of VMware alternatives.

AI Leads as VivaTech Unveils Top 100 Startups

Viva Technology • 14th May 2025

Viva Technology has unveiled the first edition of its “Top 100 Rising European Startups for 2025,” spotlighting the most promising young companies shaping Europe’s tech future. Germany, France, and the UK lead the ranking, which highlights high-growth startups across 13 countries. Artificial intelligence dominates the list, with 15 companies spanning AI agents, models, and infrastructure....

Birmingham Unveils the UK’s Best Emerging HealthTech Advances

Kosta Mavroulakis • 03rd April 2025

The National HealthTech Series hosted its latest event in Birmingham this month, showcasing innovative startups driving advanced health technology, including AI-assisted diagnostics, wearable devices and revolutionary educational tools for healthcare professionals. Health stakeholders drawn from the NHS, universities, industry and front-line patient care met with new and emerging businesses to define the future trajectory of...

Why DEIB is Imperative to Tech’s Future

Hadas Almog from AppsFlyer • 17th March 2025

We’ve been seeing Diversity, Equity, Inclusion, and Belonging (DEIB) initiatives being cut time and time again throughout the tech industry. DEIB dedicated roles have been eliminated, employee resource groups have lost funding, and initiatives once considered crucial have been deprioritised in favour of “more immediate business needs.” The justification for these cuts is often the...