In year 2020, amid the Covid-19 pandemic, Upstream’s global anti-fraud and cybersecurity platform, Secure-D discovered hundreds of thousands of malicious apps on across various app stores, and most of them were games apps.
This is contained in the company’s 2021 Mobile Ad Fraud and Malware Report dubbed “A pandemic on mobile”, to indicate that ad fraud and malware in apps and devices also reached pandemic levels during the Covid-19 pandemic.
According to the report, 21 per cent of the most malicious apps found on Google Play and in third party app stores were games apps, which is the highest of the total.
Games apps were followed by Tools, Personalization and Productivity apps with 20 per cent, then Entertainment, Lifestyle and Shopping Health & Fitness, House & Home apps combined are next with 17 per cent; Communication, Social, News & Magazines, Dating – 12 per cent.
The rest are Books & Reference, Education – 9 per cent; Music & Audio, Video Players & Editors, Media – 8 per cent and finally Food and Beverage accounted for only 6 per cent malicious apps.
Out of the several malicious apps discovered, Secured-D was able to block 45,000 of them, while the rest remain available on the various app stores.
The report examines how mobile ad fraud and malware are advancing as the whole world turned online and mobile during the Covid-19 pandemic.
It indicated that within just a one year period, the spike in ad fraud and malware was unprecedented, and it affected mobile operators, end-users and advertisers like never before in the history of cyber attacks.
Backing this with statistics, the report said there were 108.5 billion app downloads in 2020, and one out of every 36 mobile devices downloaded a high-risk app in the course of the year.
It also noted that advertisers spent a whopping US$240 billion on mobile adverting globally, which represents a 26 per cent over that of the previous year, so mobile fraudsters targeted that spend and they are expected to have made some US$44 billion from fraudulent activities on mobile by the close of 2022.
According to the report, Secure-D made the discovery by analyzing 1 billion mobile transactions and service sign-ups for 35 mobile operators in 23 emerging markets who serve over 840 million subscribers.
Per the report, 95 per cent of the transactions analyzed, were found to be fraudulent, and and “29% of the most malicious apps still made Google Play even though 2020 also saw a shift toward third party app stores.
The report however noted that out of the lot, a whopping 93 per cent fraudulent purchase attempts were blocked due to the detection of malicious bots.
It said, by blocking the 93 per cent attempted fraudulent transaction, Secure-D saved the victims some US$1.3 billion.
While, revealing the the top apps responsible for malware and the most dangerous app stores, the report also pointed out the most vulnerable markets, and offered insights into what mobile operators and end-users can do to protect themselves from threat actors.
In terms of the most vulnerable markets, Indonesia topped the chart with 99 per cent of transaction examined in that country being fraudulent, while Brazil came next with 96 per cent of transaction examined proving to be fraudulent.
In a chilling statement, that shows how committed fraudsters are to their vice, the report said “A single mobile device in Brazil attempted to make 15,997 purchase attempts
from the ‘Best QR Code Scanner’ app in the course of one month. In that
same month in Thailand, one user appeared to make 10,687 sign up attempts
from the ‘com.meizu.safe’, a system app found on MEIZU smartphones.”
In neighboring Nigeria, one in nine mobile devices were found to have been infected with malicious malware, while some 576 malicious apps are active in that country. In South Africa, one in ten mobile devices are infected and there are nine thousand malicious malware at play.