The Philippines has been one of the
hottest target countries when it comes to cyberattacks. In the
regional scale, however, this news can even be scarier as
Kaspersky said the country placed third among Southeast Asian
countries with the highest Android mobile malware attempts detected
and blocked by the cybersecurity company.
This was according to the report
gathered by the cybersecurity company from January to September 2019.
Furthermore, the country has been in the same spot since 2017, just
next to list-toppers Indonesia and Malaysia.
Number
of Android attacks blocked by Kaspersky
|
Country
|
2017
|
2018
|
Jan
– Sep 2019
|
|
Indonesia
|
1239628
|
1112952
|
632451
|
|
Malaysia
|
581187
|
335287
|
188846
|
|
Philippines
|
519119
|
280248
|
134556
|
|
Singapore
|
319743
|
43936
|
26836
|
|
Thailand
|
159972
|
89233
|
57056
|
|
Vietnam
|
109585
|
85187
|
53097
|
|
SEA
total
|
2929234
|
1946843
|
1092842
|
The statistical data for this report
came from the entire line of Kaspersky mobile security solutions.
Ranking excludes countries with fewer than 25,000 active users of
Kaspersky mobile security solutions over the reporting period. Recent
figures show there are 82.52% Android mobile users in the country
from September 2018 to September 2019.
According to the cybersecurity
company’s security experts, 98% of mobile malware are designed for
the Android OS, which means Android mobile users who use banking and
shopping apps are at high risk of downloading malware themselves
without knowing it.
Kaspersky has been monitoring malware
attempts against its users who use Android devices in the region and
found that malware attempts have been increasing, with the always
most-dangerous banking and ransomware Trojans classified the top
malware detected.
Users download mobile banking Trojans
themselves. Most of the time, cybercriminals disguise Trojans as
legitimate apps and when an Android device user downloads the app,
along with it comes to the malware that is also installed into the
device. Once a banking app is launched, the Trojan displays its own
interface overlaying the banking app’s interface. As a user inputs
credentials, the malware steals the information. Most cases also show
that mobile banking Trojans intercept SMS messages from banks with
confirmation codes or information about withdrawals.
On the other hand, ransomware Trojans
steal users’ files and demands ransom from its victims. The type
of malware that targets Android mobile devices is called blockers,
which are so named because they block access to the infected device,
meaning not only are the files become inaccessible but the entire
system is. So an infected Android device will have a screen overlayed
with a dodgy banner or demanding a PIN.
Usually, ransomware gets into an
Android device through a malicious attachment; specifically, when a
user opens them, clicks on a suspicious link, installs apps from
third-party app stores or clicks on an ad even on a legitimate
website.
In the Philippines, there have been 30
attempts to install mobile ransomware in Android devices of Kaspersky
mobile solution users in the first nine months of 2019 – doubled
compared to just 15 in the entirety of 2018. Meanwhile, there were
already 49 attempts in nine months to install mobile banking malware
detected in Android devices of Kaspersky customers in the country
compared to 46 instances in 2018.
The top five mobile Trojans monitored
to have been attempting to infect Android devices of Kaspersky mobile
security users in the Philippines for two consecutive years are the
following:
|
Country |
Top
5 type of mobile malware (2018)
|
Top 5 type of
mobile malware (2019) |
||||||||||||||||||||
|
PH |
|
|
This latest Kaspersky data reports that
Filipino Android mobile users are targets of Hiddapp, part of a
mobile malware family that uses advertising as its main monetization
method. It secretly downloads ads on to the infected device,
displaying as many ads as possible to the Android device user. These
Trojans can hide in the system folder which makes them difficult to
remove. If the user detects the adware app, the Trojan will prevent
the app from being deleted and instead re-install it at the first
opportunity.
Kaspesky's report also cited the Boogr
family as the Trojans assigned to files recognized as malicious by
Kaspersky’s machine-learning tools. The fourth top mobile malware
Dvmap is an extremely dangerous Trojan as they use superuser
privileges to carry out their malicious activity. They place their
components in the device which the Android user only has read access
to so this malware cannot be removed using regular system tools. The
fifth top mobile malware Agent family covers a wide range of Trojan
specimens from various developers.
In 2018, Filipino Android users got a lot of the Dropper mobile malware family, which displays persistent
ads and steals money through SMS subscriptions. The said malware is
designed to bypass detection and used by cybercriminals to wrap all
sorts of payloads such as banking Trojans, ransomware and adware.
The Triada has similar characteristics
as with the menacing Dvmap.
“We can see that attempts to infect
Kaspersky mobile users year on year is quite going down in SEA and us
attribute that to the growing awareness of the public about
protecting their mobile data. The Philippines is hands-down an
Android country and combined with the Filipinos’ very strong
interest in digital activities, we understand why at number three
overall in the region, Filipino Android users remain to be among
cybercriminals’ targets,” said Yeo Siang Tiong, general manager
for Southeast Asia at Kaspersky.
“We must remember that all users must
exert effort in protecting their smartphones especially as they use
it increasingly for critical transactions such as online shopping and
online banking. With the BYOD being a trend embraced in the country,
we also encourage businesses to pay attention on how their employees
protect their devices, especially those being used for corporate
purpose. For this, we continue working with local partners like Smart
and Home Credit in the Philippines to help make mobile security more
affordable and accessible to more Filipinos.” he added.
With all that said, Kaspersky suggests
the following ways to spot and avoid Android malware:
- Download apps only from official stores such as Google Play. It won’t provide a full security guarantee, but the risk of encountering a Trojan will be considerably lower. Apps from third party marketplaces are exactly where hackers plant their malware-ridden apps.
- We recommend that you block the installation of software from third-party sources in the device settings. This eliminates randomly downloaded threats that attempt to mimic system updates and the like. Go to Android settings, choose Security and uncheck/disable the “Unknown Sources” box.
- Remember to install system and application updates --- they patch vulnerabilities that criminals can exploit.
- Think hard before clicking on dubious links in email or text messages.
- Pay attention to permissions requested by apps during installation. Think about whether they match the purpose of the app. Granting the wrong permissions can send your sensitive data off to third parties.
- Be wary of a free antivirus trial as it could be malware in disguise that can attack your mobile device. Affordable Android security software is available from trusted vendors and effectively does the job of blocking malicious apps.
Author: slickmaster | © 2019 The SlickMaster's Files
No comments:
Post a Comment
Feel free to make a comment as long as it is within the bounds of the issue, and as long as you do it with decency. Thanks!