malware malicious

Photo via: Unsplash

Malware madness: Here are the top 5 most malicious apps in South Africa

A recent report found that 1 in 6 mobile devices in developing countries are infected with malware. SA has five apps that are particularly malicious.

malware malicious

Photo via: Unsplash

An ominously titled report by leading mobile technology company Upstream found that one in six Android mobile devices in developing countries were infected with malware in 2021. A Pandemic on Mobile—Mobile Ad Fraud and Malware said that the COVID-19 pandemic exacerbated the problem because people across the globe were suddenly forced to conduct more and more of their lives online and fraudsters capitalised on it.

The report’s insights are derived from data from 35 mobile operators in 23 markets, encompassing nearly 840 million users. In total, one billion transactions were analysed and Upstream claims it is one of the largest and most detailed sets on mobile ad fraud and malware.

MALWARE AND MOBILE AD FRAUD EXPLAINED

Mobile advertising fraud is when consumers, advertisers, publishers or supply partners fall victim to scammers exploiting the process, control or technical weakness in mobile advertising technology, which usually results in financial loss.

There are many types of mobile ad fraud but Upstream singled out the two most common ones, namely, “tricking consumers into making unwanted purchases” and “defrauding advertisers to unwittingly pay scammers.”

For the first scam, fraudsters employ invisible button clicks to trick people into authorising Direct Carrier Billing (DCB). People who use their mobiles to purchase goods and services are especially susceptible.

For the second, advertisers unwittingly pay scammers that use machines or bots to generate clicks on promotional advertising content.

“Mobile ad fraud affects everyone in the mobile ecosystem negatively, from mobile operators to advertisers to consumers,” said the report.

These scams lead to consumers paying ridiculously high bills for services they did not buy, airtime loss and device malfunctions, while advertisers are affected by paying for fake advertising and mobile networks have to deal with dissatisfied customers and reputation damage.

People from developing countries are more susceptible to malware because the first time they access the internet is via their mobile devices and they make use of DCB to purchase goods and services. Approximately 1.7 billion adults across the globe do not have access to financial services, with the majority of them being in developing countries.

According to estimates, mobile advertising fraud could be a $20 billion industry, as there are an estimated 110 million Android devices across the globe that are suspected of being infected with malware.

“Fraudulent apps are present on both major app stores like Google Play and third-party stores such as APKMart, APKPure and apkmonk and in some cases preinstalled on Android devices, especially low-end ones,” said the report.

MOBILE MALWARE IN SOUTH AFRICA

According to the report, 1 in 10 devices in South Africa are infected with malware and there were 9000 malicious apps detected in the country. Upstream processed 35 million mobile transactions, of which 41% were fraudulent.

Upstream said the country’s mobile market has remained resilient because of sustained consumer demand despite the negative economic impact of the pandemic.

“In 2019, fraudulent purchase attempts stood at 80%, resulting from over 18 000 malicious apps that had infected users’ devices. In 2020, fraudulent purchase attempts appear to have dropped significantly (down to 41%), while 1.5 million malware-infected devices and more than 9000 malicious apps were detected,” said the report.

THE TOP 5 MOST MALICIOUS APPS IN THE COUNTRY IN 2020

The most malicious app category in South Africa is “Tools & Personalisation”, which accounted for 22.6% of malware detections. An app called “Ridmik Keyboard” – available on Google Play – resulted in 4226 sign up requests from just one user in a single month.

malware malicious
Table via: Upstream Report

To read the full report click here.