Less Mobile Malware Attacks but More Bypassing Google Play Store Security Checks
There are less mobile malware attacks in the world over the last year or so, but it’s not a sign to let our guard down just yet.
The number in Singapore has decreased by about 15.9% to 7385 in 2021 compared to the year prior, mirroring a global downward trend in attacks that target mobile users, according to data collected by cybersecurity company Kaspersky. Across the globe, the number of attacks have fallen to about 2.23 million in December 2021 from a peak of 6.49 million in October 2020.
For those unfamiliar, mobile malware is a malicious software designed to specifically target the operating systems of mobile devices like smartphones and tablets. In Singapore, for example, among the most common mobile malware detected last year include Trojan-Downloader, Trojan, Trojan-Dropper, Trojan-SMS and Backdoor. Trojan is a type of malware that infiltrates or takes control of your device by tricking you into thinking it’s a legitimate software or file.
Despite the decline in attacks, Kaspersky reminds mobile users to keep their devices protected and remain vigilant, with bad actors seemingly employing more sophisticated methods to conduct their attacks.
"At the surface, it may seem that cybercriminals are becoming less active because of the decreased mobile malware attacks. But it is a global trend and it does not necessarily mean we are safer," said Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
The year saw repeat incidents of malicious code sneaking into popular apps through ad software development kits. Kaspersky, for instance, detected Trojan malware in a modified version of WhatsApp called FMWhatsapp 16.80.0. These alternative versions of the popular messaging app are developed for users who feel that the original version lacks the features they need.
What’s more, experts are continuing to find malware in apps on Google Play. This just means that some malicious applications are capable of passing Google’s own checks, making it harder to discern from what’s legitimate to what’s a threat. The Joker Trojan and Facestealer Trojan were particularly common in 2021. The former signs you up for paid subscriptions while the latter steals your credentials from your Facebook account.
Kaspersky noted that Google Play also has scamming apps, ones that imitate legitimate services, say, welfare payments, but would redirect you to a page asking for your data and a payment.
"Cybercriminals are resourceful and take every opportunity to prey on mobile device users," wrote the company. "So, regardless of their activity level, it pays to be alert."
To keep yourself safe, Kaspersky said to only download apps only from official sources. While this isn’t completely fool-proof, the chances of finding malware in official stores is much less than any place else.
Second, as much as possible, only download apps from trusted developers, specifically those with an already established reputation or have good reviews.
Third, ignore apps that promise big payouts. If something sounds too good to be true, it’s likely a scam.
Fourth, don’t give apps permissions they don't need to function. Both Android and iOS offer features that give you a good overview of what permissions an app has access to. Do your best to review those often and adjust accordingly.
Lastly, install a reliable mobile antivirus that will detect and block potentially malicious software from accessing your data.
The number of mobile malware attacks in Singapore has decreased by about 15.9% to 7385 in 2021 compared to the year prior, mirroring a global downward trend in the number attacks that target mobile users, according to Kaspersky.
Despite the decline in attacks, the cybersecurity company reminds mobile users to keep their devices protected and remain vigilant, with bad actors seemingly employing more sophisticated methods to conduct their attacks.
In Singapore, for example, among the most common mobile malware detected last year include Trojan-Downloader, Trojan, Trojan-Dropper, Trojan-SMS and Backdoor.
Trojan is a type of malware that infiltrates or takes control of your device by tricking you into thinking it’s a legitimate software or file.