Mobile malware in decline in the African continent
By Puja Sharma
As cybercriminals tend to invest less and less into the mainstream threats that are successfully neutralised by modern security solutions, they choose to invest more into new mobile malware that has become increasingly complex, featuring new ways to steal users’ banking and gaming credentials, as well as other strands of personal data.
Yet. while analysing the threat landscape of African countries, Kaspersky experts saw a steady decline in malware on mobile devices in the region, as cybercriminals consolidated their efforts to focus on more complicated, dangerous, and profitable threats instead.
Overall, in 2021, South African users faced 38% fewer mobile malware attacks than in 2020, while other countries in the region have seen even more dramatic changes in their mobile threat landscape: Mozambique saw a 48% decrease, followed by Botswana (58%), Nigeria (59%), Ethiopia (69%) and Ghana (76%). The only country where the share of attacks increased was Angola, where mobile malware grew by 12%.
This dynamic is a reflection of the global trend, as cybercriminals tend to invest less and less into the mainstream threats that are successfully neutralised by modern security solutions. Instead, they choose to invest more into new mobile malware that has become increasingly complex, featuring new ways to steal users’ banking and gaming credentials, as well as other strands of personal data.
For instance, in 2021 Kaspersky detected more than 95,000 new mobile banking Trojans in the world, but the number of attacks using such malware remained similar. Additionally, the share of Trojans (malicious programs capable of executing remote commands) doubled, reaching 8.8% in 2021.
In addition to the strategic changes in the mobile threat landscape, experts also attribute the overall decline of mobile malware in 2021 to the enormous wave of attacks seen at the beginning of lockdown in 2020 as users were forced to work from home. That period also saw increased use of various video conferencing and entertainment apps, increasing the volume and spread of attack opportunities. Now that the situation has stabilised, cybercriminal activity declined as a result.
“Indeed, there have been fewer mobile attacks in general, however, the attacks we are still seeing have become more complex and harder to spot,” said Tatyana Shishkova, a security researcher at Kaspersky. The company still calls on the mobile industry to enhance cyber protection at all levels, including security for its users, by providing tailored cybersecurity services.
Cybercriminals tend to mask malicious apps under the guise of legitimate applications, which can often be downloaded from official app stores. On top of that, with mobile banking and payment apps becoming even more widespread, there is a higher chance of cybercriminals targeting these more actively.
“Staying cautious on the Internet and avoiding downloading unknown apps is good practice, but I also strongly recommend using a reliable solution. When it comes to the security of finances, in particular, it is better to be safe than sorry,” added Shishkova.
Recommendations to avoid malware
- It is safer to download your apps only from official stores like Apple App Store, Google Play, or Amazon Appstore. Apps from these markets are not 100% failsafe, but at least they get checked by shop representatives and there is some filtration system — not every app can get onto these stores.
- Check the permissions of apps that you use and think carefully before permitting an app, especially when it comes to high-risk permissions such as Accessibility Services.
- A reliable security solution helps you detect malicious apps and adware before they start behaving badly on your devices.
- If you are a business, consider taking a holistic approach to the protection of your security perimeter, selecting the most appropriate one for your company.
- iPhone users have some privacy controls provided by Apple, and users can block app access to photos, contacts, and GPS features if they think these permissions are unnecessary.
- A good piece of advice is to update your operating system and important apps as updates become available. Many safety issues can be solved by installing updated versions of software.
IBSi FinTech Journal
- Most trusted FinTech journal since 1991
- Digital monthly issue
- 60+ pages of research, analysis, interviews, opinions, and rankings
- Global coverage