The 2021 Mobile Ad Fraud and Malware Report from Upstream’s Secure-D, dubbed “A pandemic on mobile”, indicate that 71 percent malware-infected apps discovered on various app stores in emerging markets are still active in those stores as of now.
The report which pointed to the fact mobile ad fraud and malware in apps and devices also reached pandemic levels during the Covid-19 pandemic, noted that threat actors are increasingly turning their attention away from Google Play Store to other third-party app stores.
Upstream CEO, Dimitris Maniatis says: “The disruption from the pandemic has resulted in a sudden surge of online activity for business, schooling, entertainment and socializing. This has in turn caused a spike of fraudulent activity from bad actors looking to exploit the situation. The digital divide has left users in emerging markets particularly vulnerable, not only because they depend on tools like direct carrier billing, but because their mobile devices are often their only gateway into the online world”.
The report noted that Secure-D analyzed some one billion mobile transactions and service sign-ups for 35 mobile operators in 23 emerging markets covering nearly 840 million users and came up with the findings.
Per the findings, “71% of malware-infected apps are available to consumers on such stores. This is a sharp rise from 49% 12 months prior, demonstrating a shift in fraud towards less secure and unregulated sources,” it said.
It added, that Google Play Store, which in time past, was the most risky app stores, now proves to be the safest choice for downloading Android applications.
However the 29% of malicious apps recorded that still went through Google (7% were removed from the store) show that even apps from legitimate sources can be compromised.
The report noted that the COVID-19 crisis dramatically intensified the risk of digital fraud as most business and personal activity went online.
Top on the list of most malicious apps are gaming apps, which accounted for 21 per cent of the total.
Gaming Apps surpassed “Tools and Personalization” apps, which were the most malicious in 2019.
“Even popular, legitimate gaming apps were targeted,” the report said.
Topmost suspicious app
But the topmost suspicious app of the period is “com.android.fmradio”, a radio player app, responsible for 99.8 million fraudulent transactions. That app has infected 356,270 devices globally but was blocked by Secure-D, and has been removed from the Google Play Store.
Heavily featured in the top ten most malicious apps lists are system apps, which typically come preinstalled on low-end Android handsets. These handsets are often the most popular phones in emerging markets due to their low price point.
Freemium video apps such as SnapTube and VivaVideo are also main agitators in emerging markets, with the latter trying to initiate premium subscriptions while delivering invisible ads to users in order to generate fake clicks, causing a multi-million dollar problem for the mobile advertising ecosystem.
Meanwhile, in emerging market, 16 per cent of mobile devices are reported to be harboring malicious apps, which globally, the rate of maliciously infected mobile devices is 2.6 per cent.
But Secure-D said out of the 46,000 malicious apps it discovered on Google Play Store alone, over the period, 93 per cent were blocked, while it also blocked several fraudulent mobile transactions and sign ups, saving end-users an estimated US$1.3 billion in the process.
“One example of how malicious apps operate is the ‘Best QR Code Scanner’, an app removed from Google Play, that triggered 15,997 transaction attempts from a single user’s mobile in Brazil in just one month”, says Head of Secure-D at Upstream, Geoffrey Cleaves.