Appdome Strengthens Mobile Security with Advanced Protections Against Banking Trojans and Spyware

Singapore, February 18, 2025 – Appdome, a leading innovator in mobile security, has announced a major platform enhancement featuring 24 new dynamic defense plugins designed to counteract the growing threat of Banking Trojans, Trojan Spyware, and Remote Access Trojans (RATs) across Android and iOS applications. These advanced security measures, part of Appdome’s AI-Native XTM Platform, leverage in-app behavioral analysis to detect and neutralize malicious activity in real time. With the rising incidence of mobile-based cyber threats, this upgrade empowers businesses in fintech, banking, e-commerce, and trading to fortify their mobile applications without the need for additional coding, SDK integrations, or external server deployments.

“The rise of trojan malware and fraudulent activities remains a pressing concern in the mobile ecosystem,” said Tom Tovar, co-creator and CEO of Appdome. “By analyzing over 5 billion data points weekly, we continuously refine our defenses to combat the evolving nature of trojan threats and keep mobile users safe.”

Escalating Threats in the Mobile Landscape

Cybercriminals are developing increasingly sophisticated trojans to infiltrate mobile banking and financial apps, often leveraging AI-powered attack mutations. Banking Trojans such as Xenomorph and SharkBot exploit mobile users by overlaying fake login screens to steal credentials and bypass multi-factor authentication. Meanwhile, spyware like Pegasus enables covert surveillance and data exfiltration, while RATs such as BRATA allow attackers to gain full control over infected devices, intercept communications, and erase digital footprints. These threats are evolving at an unprecedented pace, heightening risks for mobile commerce, fintech, and financial platforms worldwide.

“Banking Trojans, spyware, and RATs pose multi-layered risks to businesses and users alike,” said Richard Stiennon, Chief Research Analyst at IT-Harvest. “Appdome’s dynamic defense plugins provide an adaptive security framework, allowing organizations to defend against targeted threats efficiently.”

Next-Gen Security with Appdome’s Dynamic Defense Plugins

Appdome’s AI-powered platform enables mobile businesses to integrate custom security plugins tailored to their specific risk landscape. Unlike traditional SDK-based solutions, these plugins provide real-time threat detection and prevention by analyzing user interactions, application behavior, and system operations at runtime. This approach ensures comprehensive protection against trojans and other mobile-based cyber threats.

The new 24+ new Appdome mobile defense plugins that target specific trojan malware and spyware in the expanded Appdome Account Takeover (ATO) offering include:

For Mobile Banking Trojans:

• Accessibility Malware: Blocks unauthorized exploitation of Android accessibility services, such as preventing malicious overlays, input manipulation, and automated attacks.
• ATS Malware: Prevents unauthorized automation of banking transactions and detects real-time attempts to manipulate app sessions.
• BrasDex Trojan: Provides proactive protection against BrasDex trojan by thwarting its keylogging and credential theft mechanisms using advanced behavioral analysis.
• Xenomorph Trojan: Safeguards against Xenomorph trojan attacks by identifying and blocking unauthorized overlays and phishing attempts targeting user credentials.
• PixBankBot Trojan: Defends against PixBankBot by preventing the trojan’s ability to intercept and manipulate banking transactions on infected devices.
• PixPirate Trojan: Protects mobile users from PixPirate by disrupting its session hijacking and credential exfiltration tactics through real-time anomaly detection.
• SpyNote Trojan: Stops SpyNote trojan by blocking its remote access capabilities and preventing unauthorized data exfiltration from compromised devices.
• Joker Trojan: Combats Joker trojan by identifying its SMS interception and subscription fraud attempts, ensuring mobile user security and app integrity.
• Octo Trojan: Defends against Octo trojan by disrupting its on-device fraud execution and preventing data leakage with embedded AI-driven defenses.
• Blank Bot: Secures apps from Blank Bot by detecting its automated attacks aimed at stealing user credentials and disrupting its login attempt manipulation.
• Godfather: Provides a robust defense against Godfather trojan by monitoring app behavior and blocking its attempts to access and exploit sensitive banking information.
• Toxic Panda: Protects from stealing login credentials and credit card details by manipulating Android accessibility with Android app overlay attacks and SMS interception.
• Cloak & Dagger: Detects unauthorized use of Android accessibility features and prevents invisible overlays or touch events that aim to steal sensitive information.
• Gold Pickaxe: Prevents unauthorized MDM installations that are used to gain remote control over devices, phishing overlays, credential theft mechanisms, and unauthorized access to sensitive user data on Ios devices.

For Mobile Spyware Trojans:

• Pegasus Spyware: Mitigates Pegasus spyware threats by blocking zero-click exploitation and halting its covert surveillance and data exfiltration processes.
• Cerberus: Shields against Cerberus banking trojan by detecting overlay attacks and disrupting its credential-stealing operations in real time.
• AgentTesla: Prevents AgentTesla attacks by intercepting its keylogging and data-stealing activities through dynamic runtime analysis and payload blocking.
• DarkComet: Protects against DarkComet by detecting its remote access commands and preventing malicious file manipulation or user surveillance.

For Remote Access Trojans (RATs):

• SpyNote RAT: Protects against SpyNote RAT by detecting and blocking its remote administration and data exfiltration mechanisms through runtime behavioral analysis.
• AndroRAT: Neutralizes AndroRAT attacks by preventing its remote access capabilities, such as file manipulation and keystroke logging, through advanced payload detection.

For Task Hijacking:

• Prevent Task Hijacking: Blocks Android apps from unauthorized screen overlays and securing the app’s task management system.
• Detect Strandhogg 2.0: Detects and blockings malicious app masquerading attacks that exploit vulnerabilities in the Android multitasking system, prevents unauthorized privilege escalation and the hijacking of legitimate app sessions.

For Logging Attacks:

• Prevent Android Logging Attacks: Disables Android log function calls to prevent data leakage and attacks via logging infrastructure, such as log4j.
• Prevent Ios Logging Attacks: Prevents log function calls in an Ios device, preventing sensitive data from leaking to malicious actors.

Each security feature in the Appdome platform is designed to counter both primary trojan threats and their evolving variants, ensuring continuous protection for mobile businesses.

“With these enhancements, we’re delivering unmatched control and visibility over trojan malware threats,” said Chris Roeckl, Chief Product Officer at Appdome. “Unlike static security solutions, our AI-driven approach ensures businesses can stay ahead of emerging mobile threats.”

Comprehensive Mobile Security with Appdome

Appdome’s new anti-trojan defenses integrate seamlessly with its Threat-Events™ Intelligence and Control Framework and ThreatScope™ Analytics service. These tools allow mobile businesses to gather real-time attack data, customize in-app security responses, and enhance user experience while maintaining brand integrity. Organizations can monitor and counteract trojan, spyware, and RAT attacks efficiently—both pre- and post-deployment—ensuring robust security in an increasingly hostile digital landscape.

As cyber threats become more sophisticated, Appdome remains committed to empowering mobile enterprises with AI-driven, no-code security solutions that provide proactive, on-device protection against the latest threats.