The rise in the number of new malware attacks aimed at mobile phones continues unabated, and unsurprisingly means that African countries – which are disproportionately “mobile first” compared to the rest of the world – are among those places most regularly targeted.
Eight of the 20 most-attacked countries are in Africa, raising alarms for consumers and businesses, according to a new report by Israeli company Check Point Software Technologies.
The data comes from Check Point’s ThreatCloud World Cyber Threat Map, which geolocates incidences of malware attack.
Namibia was the most targeted nation in Africa in November, knocking Tanzania – the most attacked in October – down to 78th position. South Africa ranked No. 63 — down four places from October.
Why African countries? Cybercriminals use underdeveloped countries as a back door of sorts, said Doros Hadjizenonos, country manager for Check Point South Africa, in a press release.
“We’re seeing an ongoing trend of cybercriminals exploiting weaker security controls in less developed African nations to target their more advanced counterparts,” Hadjizenonos said in a statement.
There has been a 17 percent rise in the amount of mobile malware programs being used worldwide meaning that companies could be at risk despite existing security on an internal network.
“Attackers have realized that these devices are an easier target compared with corporate networks, so it’s critical that organisations deploy protection to prevent them being exploited and stop data leakage,” Hadjizenonos said.
Among the mobile malware found to put a company at risk are Xinyin, Ztorg and AndroRAT. Xinyin is a Trojan-Clicker that performs click fraud while Ztorg is a Trojan that can allow an attacker to install applications on a mobile phone without the user ever knowing.
AndroRAT parades as a legitimate mobile app that once installed gives an attacker full access and control of an Android smartphone or tablet. The use of this particular malware family has increased 10 times since October.
With many businesses still using a bring-your-own-device model the threat to network security is very real and malware on a smartphone or tablet that isn’t protected by a company network has the potential to compromise that network, Hadjizenonos said.
“Attackers are focusing their efforts on malware that can disable security services and infect machines stealthily so they can be more easily exploited.”