Cyber criminals are targeting South African mobile phones with malicious software designed to push unwanted advertising as the main means of monetisation, according to a security company.
“Almost every detected threat in South Africa is an advertising Trojan that can use root rights on the phone,” Roman Unuchek, senior malware analyst at Kaspersky Lab USA, told Fin24.
Trojans are malicious software applications that disguise their intended purpose and are used to gain access to devices.
Unuchek said that there has been a spike in the use of Trojans that use advertising as the main means of monetisation.
“In the first quarter of 2015, the mobile malware Top 20 contained just one Trojan of this type; by the end of the year, they made up more than half of the rating. Despite the fact that these Trojans are designed to download and install advertising applications without the user’s knowledge, they can cause a lot of problems.”
Recent research from the company suggested that Android smartphones running older versions of the operating system (OS) may be vulnerable to a collection of malware families dubbed “Triada”.
These malicious programs embed themselves into smartphones and download advertising as well as other malwares that could overwhelm users.
Kaspersky data showed that Trojans targeted Android version 4 (KitKat, Jellybean and Ice Cream Sandwich) and above about 60.4% of the time because of the vulnerabilities associated with the OS.
“Once installed, they try to root the device and install their own components in the system making them difficult to remove. Some of them remain on a smartphone even after resetting to factory settings,” Unuchek said.
Symptoms of infection include the use of mobile data, battery depletion and intrusive ads on applications.
In 2015, Kaspersky detected 2 961 727 malicious installation packages, 884 774 new malicious mobile programs, and 7 030 mobile banking Trojans.
Malware like Trojan Trojan-SMS.AndroidOS.OpFake.cc is able to imitate legitimate banking applications so that criminals are able to steal logon details as well as One Time Passwords.