Cape Town – South Africans are unwittingly downloading thousands of malicious programs designed to steal financial information, a security company has warned.
Trend Micro has reported that the malware count in SA has reached 55 646 in March, up from 37 470 in April.
The virus count affecting SA was 954 in March, compared to 456 in February.
“What this highlights is that mobile makes everyone a target with malicious apps like fake banking apps being designed to rob victims,” said Trend Micro.
The company said that ‘ransomware’ was also making inroads in SA with a new program that locks smartphones without any external commands.
Fake banking apps
Kaspersky Lab found that the Locky (Trojan-Ransom.Win32.Locky) ransomware was detected in 114 countries and SA has experienced the sixth highest number of attacks at 220, the highest number in Africa.
Trend Micro said that fraudulent apps ensure that they are able to change critical system settings on mobile devices.
“We acquired a sample of a fake banking app in Russia named Fanta SDK that is capable of changing the phone’s password when the user tries to remove or deactivate the application’s admin privileges. It also has a unique way of running its routine by waiting for certain commands before it launches its attack,” the company said.
The firm’s Operation Emmental discovered malware capable of generating fake bank one-time password codes to gain access to financial information.
“The malware communicates to specific URLs or phone numbers without the user’s awareness or consent. Depending on the attacker’s preference, the malicious app can send messages to these destinations in real-time via SMS, or at a later time via an internet connection,” said Trend Micro.