Mobile users in Nigeria have been impacted by mobile malware during the Covid-19 pandemic. The country, which has low mobile internet penetration at 35 percent, has tremendous growth potential but is also a prime target for threat actors.
This is according to proprietary data gathered by Upstream, and its Secure-D anti-fraud platform, in a 2021 report entitled: “A Pandemic On Mobile – Mobile Ad Fraud and Malware”. Insights for Nigeria come from a three-month sensor campaign, that aimed to determine fraud levels in the country from November 2020 to January 2021. During the study period 415 000 mobile transactions and service sign-ups were processed.
Upstream’s Secure-D platform detected 576 malicious apps in Nigeria during the three-month period, many of which are yet to be removed from the Google Play store. More than 50% of these apps have gone through Google’s official app storefront, a percentage much higher than the average 29% in other countries. Overall data from Upstream’s malware report shows that threat actors are increasingly turning their attention away from Google Play to other third-party app stores that are unregulated.
The top five apps with suspicious behavior that were blocked are XOS Launcher, HiOS Launcher, Phoenix Browser, AHA Games and Cobo Launcher Easily DIY Theme. XOS Launcher, a popular phone customisation app that claims to speed up handsets, was found present on 1 836 devices and 3 394 attempted fraudulent transactions were stopped. The app is still available on the Google Play store.
Globally, only 2,6% of devices are reported to be harboring high-risk apps, signaling that some mobile markets are being disproportionately targeted by malicious actors. High malware infection rates are also found in Asia (Indonesia and Thailand) and Brazil.
“Mobile users in emerging markets, especially in rural regions, tend to rely solely on their mobile devices to connect to the online world, something that has become essential during the pandemic,” says Upstream CEO, Dimitris Maniatis. “These users tend to be digital novices, may access the internet for the first time, and use low-end Android devices. They are often unbanked, relying on their mobile phones to pay for goods and services. This dependency is making them more vulnerable to bad actors, especially throughout the health crisis, resulting in the high infection rates we have identified.”
The pandemic has dramatically increased the risk of digital fraud, as more businesses and individuals turned to the internet for work, entertainment, shopping and socializing. During the past period, Gaming became the most popular app genre in the Google Play store for fraud, with 21% of all suspicious apps blocked coming from this category.
The top suspicious app of the period is “com.android.fmradio”, a radio player app, responsible for 99,8-million fraudulent transactions. The app has been removed from Google’s official app store.
Heavily featured in the top ten most malicious apps lists are system apps, which typically come preinstalled on low-end Android handsets, that are very popular due to their low price point. Freemium video apps such as SnapTube and VivaVideo are also main agitators in emerging markets.
To mitigate the impact of mobile fraud and protect users, especially in the world’s most vulnerable regions, Maniatis cites three key prerequisites: “Decisive self-regulation and market-wide vigilance on one side, and mobile network-level solutions that guarantee prevention through dedicated expertise and 24×7 monitoring on the other, are two essential parts of the solution. As more of our life and work goes online, security will need to become an integral part of any digital offering and not an optional add-on feature.
“Combating fraud will ensure the mobile ecosystem retains its integrity and profitability and can keep providing communities with an essential and valued service,” he adds.