Secure-D from Upstream detected 1,69-million malware-infected android devices in South Africa last year, from more than 18 000 applications.
While the rogue apps behave normally on a smartphone’s screen, they surreptitiously click on links and adverts, sign users up to subscription services and consume vast amounts of data from prepaid contracts.
Not only do advertisers pay app developers for the false clicks, the fraudulent apps are also used to steal personal data about the smartphone user without any visible sign of the fraudulent activity.
Specialist mobile security company Upstream works with a number of operators in South Africa to protect consumers and businesses from this type of fraud. The company’s Secure-D platform monitors app activity and blocks suspicious transactions. In an end of year report, Upstream revealed that it checked more than 50-million Android transactions in South Africa in 2019, identifying and blocking 86% of them as fraudulent.
Fraudsters recognize that smartphone users regularly watch and share videos, and they often hide malicious activity in video apps.
In 2019, South Africa’s worst three offending Apps were all video apps:
* VidMate: 15-million blocked transactions – Downloaded worldwide more than 500-million times – Vidmate lets people download videos and songs from popular social media sites and entertainment services, allowing users to watch content offline. In the background, however, a hidden component generates fake clicks and purchases and downloads other suspicious apps without the user’s knowledge. Vidmate was by far the most dangerous app in South Africa in 2019, and is now only available on independent Apps stores, having been removed from Google Play.
* Snaptube: 2-million blocked transactions – The Snaptube video app infected 4,4-million handsets and generated more than 70-million fraudulent transactions, with 2 million of those transactions originating in South Africa. Upstream exposed Snaptube in October 2019, but it is also still available on third-party Android app stores.
* Vivavideo: 560 000 blocked transactions – A very popular video editing software app for smartphones, Vivavideo has been downloaded more than 100-million times worldwide. But just like Vidmate, its background behaviour leaves a lot to be desired and Secure D was working hard to block more than half a million fraudulent transactions in South Africa alone.
According to a global report on the state of malware and mobile ad fraud released by Upstream, 935 of total mobile transactions in 20 countries were blocked as fraudulent in 2019.
Fraudsters target Android handsets because the open operating system is easier to work with, and there are a host of unofficial places to visit and download apps. Additionally, in countries like South Africa, a large proportion of consumers use prepaid mobile phones as their main method to access the Internet.
These users also often use their airtime credit to buy digital services, enabling fraudsters to subscribe users to premium services without their knowledge.