The number of mobile malware attacks in the Philippines, one of the world’s biggest mobile-using countries, dropped sharply in the past two years but users should not drop their guard, cybersecurity firm Kaspersky warned this week.
Among Southeast Asian countries, the pattern of declining mobile threat activity was observed not only in the Philippines but also in Indonesia, Malaysia, and Singapore.
According to Kaspersky experts, the downward trend does not mean mobile malware is disappearing soon. On the contrary, the company urged mobile users to stay alert.
Data from Kaspersky showed the detected attempts to attack Filipino mobile users plunged to 55,617 or 49 percent in 2020 compared to 110,128 in 2019.
In 2021, malware attempts to target smartphone and tablet users fell to 34,010 or 38.84 percent compared to the previous year.
In Thailand and Vietnam, malware attacks against mobile users in 2021 were even higher than in 2019 at 32 percent and eight percent, respectively.
However, cybercriminals are only becoming increasingly inventive that attacks are getting sophisticated in terms of malware functionality and vectors, Kaspersky underscored.
This time, malicious codes in the form of Trojans are being injected in third-party ad modules, loaded into legitimate programs in the guise of updates or added to harmless apps approved by app stores.
Current targets are apps on Google Play and APKPure, a popular alternative Android app store.
**media**
Trojans are used by cybercriminals to delete, block, modify or copy data, and they disrupt the performance of devices or computer networks.
Unlike viruses and worms, Trojans cannot self-replicate or make copies of themselves.
Last year, Kaspersky experts discovered the first ever mobile Trojan that specializes in stealing mobile gaming accounts - the Gamethief malware.
This Trojan targeted accounts in the mobile version of the PlayerUnknown’s Battlegrounds (PUBG) game.
In the Philippines, the top mobile malware detected include the Trojan-Downloader which downloads and installs new versions of malware including Trojans and AdWare on victim computers and automatically runs when the operating system boots up.
It is frequently used in the initial infection of visitors to websites which contain exploits or subset of malware that contain data or executable code that can take advantage of one or more vulnerabilities in the software running on a local or remote computer.
Second is the Trojan-Dropper, used by hackers to secretly install Trojan programs or viruses and to protect malicious programs from being detected by antivirus solutions.
Third is the Trojan-SMS used to send text messages from infected mobile devices to premium rate mobile numbers.
An example is the Android malware Faketoken which sends mass SMS messages to expensive international numbers and disguises itself in the system as a standard SMS app.
Fourth is the Trojan-Backdoor, one of the simplest but potentially most dangerous as it can load all sorts of malware onto one's system.
It’s often used to set up botnets. Without the user's knowledge, his computer becomes part of a zombie network that is used for attacks.
Even as mobile banking malware attacks are also observed to be dwindling, about 97,661 new mobile banking Trojans worldwide were detected by Kaspersky products and technologies in 2021.
There are also Banking Trojans which allow cybercriminals to steal money from victims’ online banking accounts and e-wallets.
A recent Kaspersky study revealed that 75 percent of Filipinos now prefer using smartphones for digital transactions.
In the same study, almost half of the respondents admitted encountering cyber threats while using mobile e-wallets. But only 25 percent of those surveyed confirmed using security solutions.
“The future is definitely mobile here in Southeast Asia. At the surface, it may seem that cybercriminals are becoming less active because of the decreased mobile malware attacks. But, it is a global trend and it does not necessarily mean we are safer,” stressed Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.
“As we embrace digital payment apps more, we unconsciously put more of our hard-earned money in our devices. Our devices usually remain vulnerable from simple malware attacks. There is a gap between awareness and action here in SEA so I urge digital payment providers and regulators to help us in encouraging users to protect their mobile devices.”
Download apps only from official sources, he advised.
This is not a 100 percent security guarantee, but there are far less malicious programs in official stores.
Even when malware slips through moderation, it usually gets removed from the store relatively quickly.
Whenever possible, use apps from trusted developers with a good reputation to minimize the chances of encountering malware, said Kaspersky.
Ignore apps that promise payouts you’ve never heard of or overly generous prizes. It’s almost bound to be a scam, it said.
Don’t give apps permissions they don’t need to work. Most malware will not be able to deploy fully without potentially dangerous permissions such as access to Accessibility, access to text messages and installation of unknown apps, added Kaspersky. Use a reliable mobile antivirus that will detect and block malware that tries to get inside your mobile device.