India – Feb. 6, 2025 — Appdome, the leader in protecting mobile businesses, today announced a platform upgrade that includes 24 new dynamic defense plugins targeting hundreds of Banking Trojans, Trojan Spyware, and Remote Access Trojan malware across Android and iOS apps. The new plugins for Appdome’s patented AI-Native XTM Platform are designed to use in-app behavioral analysis to combat the prolific rise in trojan malware targeting mobile banking, fintech, trading, mCommerce, and other Android and iOS apps. Like all Appdome defenses, each of the 24 new dynamic defense plugins targeting trojan attacks is available by choice using the Appdome platform without the need to integrate code, perform manual coding, implement SDKs, or deploy servers.
“The surge of trojan malware and fraud is top of mind in the mobile economy,” said Tom Tovar, co-creator and CEO of Appdome. “We study more than 5 billion data points every week to understand how polymorphic trojan malware behaves and design defenses that are purpose-built for the job of defeating each type of trojan threat.”
The rise of Mobile Banking Trojans, Trojan Spyware, and Remote Access Trojans (RATs) has become a significant threat to the mobile economy. Attackers are developing increasingly sophisticated trojan malware to exploit users of Android and iOS applications. These attacks are no longer limited by geographic boundaries. In addition, AI-powered attack generation and mutations have arrived in full force. Banking Trojans like Xenomorph and SharkBot target mobile banking apps, overlaying fake login screens to steal credentials and bypass multi-factor authentication. Meanwhile, Trojan spyware such as Pegasus has demonstrated how nation-state-grade surveillance tools can infiltrate mobile devices, exfiltrate sensitive data and track users. RATs, like BRATA, take the threat further by granting attackers full control over infected devices, allowing them to siphon funds, intercept communications, and even perform factory resets of devices to erase attack residue. As AI-driven automation, on-device fraud (ODF) tactics, and sophisticated evasion techniques proliferate, mobile commerce, fintech, and mobile banking platforms are at increasing risk of exploitation and compromise.
“Banking Trojans, Trojan Spyware, and Remote Access Trojans present multiple threats to a mobile business and user,” said Richard Stiennon, Chief Research Analyst at IT-Harvest. “Appdome’s model of using defense plugins gives mobile brands and businesses the power to choose which threat to detect and how to defend against that threat.”
The Appdome platform generates dynamic defense plugins to protect mobile applications based on business needs. Once added to a mobile application, these plugins analyze mobile application behavior, user interactions, and network and system operations at runtime, enabling proactive detection and prevention of attacks. Where SDKs deliver static defense checks or route traffic to attestation servers, Appdome’s dynamic defense plugins do the work inside Android & iOS applications to provide an inherently self-adaptive, self-intelligent detection scheme capable of detecting even the most sophisticated and polymorphic Trojan malware. These dynamic defense plugins can also inform, instruct and take instruction from the mobile application or mobile backend, providing seamless defense to any class of attack.