As the adoption of mobile banking continues to grow, attacks on mobile devices are rapidly increasing, with remote access trojans (RATs) becoming the primary tool of attack for fraudsters to gain access to users’ online mobile banking accounts. A recent discovery by BioCatch researchers, which exposed a vulnerability in one of the top-three online payment services in the world, demonstrates the need for the rapid adoption of RAT detection software.

The past year has seen a rise in the use of RAT access technology and financial malware such as, Dyre, Dridex, and Neverquest that gives criminals the ability to access a user’s browser, login to their account and submit fraudulent transactions.

This variant of remote access attack, RAT-in-the-Browser (RitB), has gained steady popularity among fraudsters due to low detection rates. Security teams have a difficult time detecting fraudulent activity, as sessions can continue to look normal without raising red flags. Existing fraud detection solutions are ineffective at detecting RitB attacks, since both device and network are recognized and trusted and there are no signs of automated scripts.