Nigeria among top targets in global mobile malware surge

Global cybercriminals have ramped up their focus on mobile platforms, with Nigeria among the top 10 countries most heavily targeted by mobile malware, according to a recent report from Zscaler’s ThreatLabz research team.

The discovery revealed that over 200 malicious apps on the Google Play Store—downloaded nearly eight million times—were found to be harboring malware, threatening users across the globe.

Nigeria joins a list of other top targets, including India, the United States, Canada, South Africa, The Netherlands, Mexico, Brazil, Singapore, and the Philippines.

As mobile devices have become the primary means for online activity—with 96.5% of global internet users now accessing the web through their phones—Zscaler’s report highlights a corresponding surge in cyber threats aimed at these platforms.

Based on over 20 million blocked malicious transactions, the report shows a 29% increase in banking malware and a staggering 111% rise in mobile spyware attacks over the past year alone.

These sharp increases are attributed to the rising profitability of mobile cyberattacks, with hackers increasingly bypassing even multi-factor authentication (MFA) systems.

Many cybercriminals rely on phishing tactics, such as fake login pages for banking, social media, and cryptocurrency platforms, to steal sensitive data.

The report also warns of a growing trend of QR code exploitation, as exemplified by the Android banking malware Anatsa, which uses QR codes to target banking apps from over 650 financial institutions worldwide.

Zscaler’s findings underline a disturbing trend of malicious apps appearing even on trusted platforms like the Google Play Store. Of the 200 apps identified and subsequently removed by Google, the most widespread malware was the Joker malware family, accounting for 38% of the malicious apps discovered.

READ ALSO: Experts call for stronger cybersecurity amid surge in attacks

Joker malware engages in Wireless Application Protocol (WAP) fraud, silently subscribing users to premium services without their consent, resulting in unexpected charges.

Other threats include adware, which represented 35% of the malicious activity observed, and Facestealers, a malware strain specifically designed to steal Facebook credentials, making up 14% of the compromised apps.

The report emphasizes that these malicious apps often masquerade as seemingly useful tools, such as PDF readers, QR code readers, file managers, and translators, tricking users into downloading them.

Once installed, these decoy apps deploy more dangerous malware, such as Anatsa (also known as TeaBot), which further compromises users’ devices.

According to the report, Trojans remain the dominant force behind Android-based cyberattacks, accounting for 43% of all malicious payloads. Banking malware relies heavily on trojans, with Zscaler blocking 3.6 million threats associated with this type of malware over the past year.

Trojans continue to be a favorite method for cybercriminals, as they effectively enable unauthorized access to sensitive financial data.

While the researchers observed a decline in Android malware activity by May 2024—reducing the number of blocked malicious transactions to one-third of the figures recorded in June 2023—mobile threats remain significant. Zscaler noted an average of 1.7 million blocked Android malware transactions per month over the past year.

As the use of mobile devices continues to dominate the digital landscape, the threat to mobile platforms is expected to grow. Zscaler’s findings reveal a pressing need for users and regulators to stay vigilant, particularly in countries like Nigeria that remain prime targets for mobile-based cyberattacks.

The report concludes that the future of cybersecurity must focus on enhancing mobile defense mechanisms, using advanced techniques like artificial intelligence and stricter application screening to protect users worldwide from the evolving threat of mobile malware.