Mobile malware attacks in Philippines dropped but more sophisticated, says cybersecurity firm

June 22, 2022 - 5:36 PM
Image by B_A from Pixabay

While the number of mobile malware attacks in the Philippines declined, global cybersecurity firm Kaspersky sounded the alarm over cybercriminals that have become “increasingly inventive” with more sophisticated attacks. 

Data from Kaspersky found that detected attempts to attack Filipino mobile users in 2021 fell to 34,010, or 38.84% compared to 2020. The cybersecurity firm, however, stressed that the downward trend of mobile malware attacks across Southeast Asian countries does not mean that the public should let their guard down. 

“At the surface, it may seem that cybercriminals are becoming less active because of the decreased mobile malware attacks. But it is a global trend and it does not necessarily mean we are safer,” said Yeo Siang Tiong, Kaspersky general manager for Southeast Asia. 

The firm warned the public against malicious codes in the form of Trojans being injected in third-party ad modules, loaded into legitimate programs to look like updates or added to legitimate applications on app stores such as Google Play and Android’s APKPure

Trojans are malicious software that can delete, block, modify or copy data to disrupt the performance of devices or computer networks. Unlike viruses and worms, Trojans cannot make copies of themselves. The top mobile malware attacks detected in the Philippines are also all Trojans. 

In 2021, the Philippines was the hardest hit by Banking Trojans in the Asia Pacific region, accounting for 22.26% of all banking Trojans discovered in the region that same year. Banking Trojans, which the cybersecurity firm considers the most dangerous type of malware, allows cybercriminals to steal money from victims’ online banking accounts and e-wallets. 

As the country continues to see a boom in digital payment and cashless transactions, Kaspersky also cautioned the public against Fakecalls Banking Trojans, where the malware would the call if the victim tries to contact their bank and replace it with a pre-recorded response of a fake bank representative stored in the Trojan’s body. This would trick the victim into thinking that a bank employee answered the call. 

Of the two million aggregated mobile attacks detected by Kaspersky in Southeast Asia from 2019 to 2021, the Philippines leads alongside Indonesia and Malaysia in logging the most number of this type of mobile threat. 

The cybersecurity firm advised users to download applications from trusted developers, ignore applications that promise overly generous payouts, and be wary of giving applications access to users’ personal information.