Nigeria among top 10 countries attacked by malware

A global cybersecurity firm, Kaspersky Lab, says Nigeria is among the top 10 countries globally where users of mobile devices experienced attack by malware in 2019.

Kaspersky, in its Mobile Malware Evolution 2019 report, added that Nigeria dropped four places to become the seventh country out of 10 attacked by mobile malware, recording 33.16 per cent of the attacks.

According to the findings of the analysts, three African countries made the list of the top 10 countries by share of mobile device users attacked by malware.

Algeria came in fourth place, with 40.2 per cent mobile device users experiencing attacks and Tanzania was in the eight place with 28.51 per cent of mobile malware attacks.

The top three countries with the highest number of mobile malware attacks, according to Kaspersky are Iran, Pakistan and Bangladesh.

The cybersecurity firm said that it had observed an overall decline in the number of mobile threats distributed as installation packages over three consecutive years.

According to the researchers, some malware have become less active, others have completely ceased, and new players have yet to gain momentum.

It said the number of attacks using mobile threats declined by 31 per cent as 116.5 million attacks were observed in 2018 but the figure was down to 80 million in 2019.

Last year, analysts at Kaspersky noted that attacks on personal data became more frequent as the number of attacks experienced by mobile device users increased by half, from 40,386 unique users in 2018 to 67,500.

It noted that the malware was not the classic spyware or Trojans but stalkerware.

According to the findings of the researchers, the report stated that it observed a significant increase in the number of adware threats that aims to harvest personal data on mobile devices.

The cybersecurity company said that the number of detected adware installation packages almost doubled from 2018.

The report stated, “Compared to 2018, the number of mobile Trojans detected decreased sharply. A downward trend has been observed for two consecutive years now, yet droppers remained one of the most numerous malware classes. The Hqwar family showed the most notable decrease: down from 141,000 packages in 2018 to 22,000 in 2019. At the same time, 2019 saw the debut of the Ingopack family: we detected 115,654 samples of this dropper.

“Meanwhile, the share of Trojan-class threats rose by 6 percentage points, with the two most numerous malware families of this class being Boogr and Hiddapp. The Boogr family contains various Trojans that have been detected using machine-learning technology. A feature of the Hiddapp family is that it hides its icon in the list of installed apps while continuing to run in the background.”

In 2019, Kaspersky noted that cybercriminals mastered a new method of stealing funds from bank accounts by manipulating banking apps.

“First, the victim is persuaded to run the app and sign in, for example, using a fake push notification supposedly from the bank. Tapping the notification does indeed open the banking app, which the attackers, using Accessibility, gain full control over, enabling them to fill out forms and tap buttons,” the report stated.

“Moreover, the bot operator does not need to do anything, because the malware performs all actions required. Such transactions are trusted by banks, and the maximum transfer amount can exceed the limits of SMS banking by an order of magnitude. As a result, the cybercriminals can clean out the account in one go.”

The analysts said that in 2019, they discovered 3,503,952 mobile malicious installation packages, which were 1,817,190 less than in the previous year, adding that the company had not detected so few mobile threats since 2015.