At the Cyber Security Weekend – META, Kaspersky released new data on mobile cyberthreat dynamics in countries of the Middle East, Turkiye, Africa (META) region. As users increasingly rely on their mobile devices to share personal data and connect to corporate networks, the number of mobile threat detects in the META region increased by 22% in 2023 compared to 2022. Specifically, for the Middle East the increase in mobile threats amounted to 40%, for Turkiye – as much as 120%, and for Africa – 10%. All these threats were blocked by Kaspersky mobile solutions.
The statistics come from Kaspersky solutions running on Android devices. This mobile OS holds a dominant market share in the Middle East, Africa and Turkiye. Apple devices are not immune to cyberthreats (with the Triangulation attack uncovered by Kaspersky as the most recent example), but are difficult to monitor due to OS specifics.
Malware infection vectors are very diverse. Often, users may encounter malware when they install programs from unofficial sources, but sometimes malicious apps can be found in mobile marketplaces as well. Attackers use various baits to convince the victim to download a malicious app – they disguise it as a useful or well-known application. In the META region, the top 5 ‘baits’ used by cybercriminals were positioning malware as WhatsApp or Chrome app mods, music downloaders, ad blocking software, and system apps. A user can mistake these apps for their genuine copies, and infect their device.
Among the most prevalent mobile threats that were actually detected on mobile devices in the Middle East, Turkiye and Africa region were adware, spyware, and mobile banking trojans. While adware can behave in a seemingly harmless way, it can spam a user with ads, drain battery, or even get access to sensitive data. Spyware – specifically, CanesSpy, a Trojan active in the META region – can steal data from an infected smartphone, a list of contacts and user account information on the device, documents, and also record from device’s microphone upon command.
“One of the types of mobile malware observed in the Middle East, Turkiye, Africa region are trojans – apps that are often disguised as legitimate ones. In general, the functionality of trojans differs depending on the type of malware they belong to. Trojans can steal data from victims’ devices, add unwanted subscriptions, and extort money,” comments Dmitry Galov, Head of Kaspersky GReAT for Russia and CIS at Kaspersky. “In 2024, we believe that the number of advanced attacks on mobile devices will increase, as attackers are constantly looking for new ways to deliver malware, and the malware itself is becoming more sophisticated. As a result, attackers may seek new ways to monetize their efforts. It is also important to observe and analyze how the mobile cyber threat landscape will change when it becomes possible to install applications from alternative stores on iOS, bypassing the App Store, without jailbreaking.”
To protect yourself from mobile threats, Kaspersky recommends:
• Download apps only from official stores like Apple AppStore, Google Play or Amazon Appstore. Apps from these markets are not 100% failsafe, but at least they get checked by the moderators and there is some filtration system — not every app can get onto these stores. It’s worth looking through user reviews of an apps to see if there is any negative feedback on its functionality.
• Check the permissions of apps that you use and think carefully before permitting an app, especially when it comes to high-risk permissions such as Accessibility Services.
• A reliable mobile security solution like Kaspersky Premium can help you to detect malicious apps and adware before they start behaving badly on your device.
• Update your operating system and important apps as updates become available. Many safety issues can be solved by installing updated versions of software.
• Kaspersky calls on the mobile industry to enhance cyber protection at all levels, including security for users, by providing tailored cybersecurity services. Kaspersky Consumer Business Alliances enable companies to offer their customers complete cybersecurity portfolios by backing them with Kaspersky’s global support and expertise.