Remote Access Trojan Infections Surge 55% As Malware Becomes a Growing Driver of US Credit Union Fraud: BioCatch

A recent report from cybersecurity firm BioCatch reveals that Remote Access Trojan (RAT) infections have exploded by 55% at US credit unions, making RAT-enabled schemes responsible for roughly 15% of all credit union fraud this year.

The report , which draws on data from over 200 financial institutions, shows credit unions being increasingly targeted by fraudsters using RATs as part of account takeover attacks.

Attempted account takeovers (ATO) involving RATs rose about 50% during the first half of 2025 even as attempts at account opening fraud declined by about 18%. Fraud carried out via stolen devices is also on the rise.

BioCatch says the shift in tactics reflects a broader evolution in digital banking threats where traditional defenses are being tested by increasingly sophisticated tools.

“Fraudsters are pivoting to multi-channel approaches to drain accounts. Through digital banking, they are able to collect card information and add it to digital wallets. They can then use these cards at ATMs, for in-store purchases, and more. In many cases, victims cannot recover any of the stolen money. This type of activity has increased significantly so far this year, rising from just 8% of all fraudulent activity reported by BioCatch’s credit union customers at the beginning of 2025 to 18% in August.”

Credit unions, which often have fewer resources than large banks for threat detection and cybersecurity infrastructure, appear especially exposed to RAT attacks and card-based fraud.

According to BioCatch, coordinated efforts with regulatory agencies and technology partners may also be needed to cut off fraud in its evolving forms before it becomes unmanageable.

Generated Image: Midjourney