2019 Global Analysis of Banking Malware

According to Forrester, ransomware attacks grew 500% in 2019 compared to 2018. However, in addition to the increase in these types of attack, the presence of malware to undermine cryptocurrencies (29% more) and attacks on IoT devices (10% more) grew also. Such attacks are becoming more and more profitable and, above all, more simple technically than attacks using banking malware.

2019 witnessed innumerable attacks that wreaked havoc on companies, public entities and anonymous users. Malware is a very lucrative business and cybercriminals know it better than anyone.

Although ransomware and cryptocurrency mining attacks are the ones that have increased the most, the general trend regarding malware-related crimes is growing and cyber-attacks using malicious software are expected to continue to increase during 2020 and beyond.

Due to this growing threat we have seen multiple incidents over the past year that have captured headlines in tech media, with some of them being reported on television and radio channels. And all this without counting the attacks that do not involve the use of malware; if we take the attacks related to security breaches used to steal customer data into account, there are many more cases in which the data and users of different banking entities have been in attackers' hands.

In this document we are going to review the families that we have seen most in 2019, including banking malware families for Windows and Android. We will pay particular attention to the banking entities affected depending on the country in which the malware operates. In the case of iOS, no banking malware was detected in 2019 that attacks this operating system. Only other types of malware (such as spyware malware) were observed, but they are not aimed at attacking the finance industry.

If you are interested in continuing to read the full report:


Global Analysis of Banking Malware

What should we expect in the future? For the future we can expect more malware, mainly Ransomware. Ransomware attacks increased significantly in 2019, and don’t only attack users anymore. .

There have been attacks on companies, seeking to obtain the greatest possible benefit. Hijacking user documents is one of the best ways to earn money, since users desperate to recover them may end up paying to do so.


Posted by David Morán

David has more than 15 years’ experience in cybersecurity, systems and development, starting out in an extinct hacking team known as Badchecksum. He collaborated on Defcon 19 with the Painsec security team. He is versed in scalable environments thanks to his work at the Tuenti social network with a traffic load of over 12Gbps. He has been involved with buguroo almost since the outset and has taken part in all the tools developed by the company, including source code analysers, malware analysis, cyber intelligence, etc. He also has in-depth knowledge of the Linux kernel, having developed LKMs that acted as rootkits as well as malware for Windows environments. He is currently the head of Revelock’s development team, managing task distribution and negotiating with the Head of Technology.



buguroo’s cloud-based fraud detection delivers a straightforward solution for detecting and stopping today’s – and tomorrow’s malware threats. Banks and their customers can be protected from one of the most malicious threats in use by cybercriminals.


Solicita una demo

Would you like to know how our solution protects your bank?

Check how our solution can help you to resolve your company's online fraud issues by requesting a free DEMO and we explain it to you in detail.

Watch video

Did you like it? Share in your social communities.