One In Six Android Phones In Developing Markets Infected

A new report from mobile tech specialist Upstream has revealed the scale of the security challenge for Android devices in developing nations.

The report, available here, examines the state of the mobile market during the pandemic, and looks at the fraud and malware challenges faced during 2020 and 2021.

Upstream is a mobile technology provider and it provides 1.2 billion people with affordable and secure access to digital services.

Android infections

One of the most noteworthy highlights of the report is that it found that one in six Android Phones in developing markets are now infected with mobile malware.

These developing markets include countries such as Brazil, Indonesia, Thailand, South Africa and Nigeria are being disproportionally impacted compared to rest of world.

But why are Android phones in those countries more likely to be infected with malware?

Well, it seems the answer is down to the increased use of third-party stores in those countries, with Upstream reporting that criminals are moving away from the official Google Play store to third party stores to avoid detection and penalties.

Indeed, Upstream found that 71 percent of malware-infected apps are now on third party stores.

It seems that mobile users in development nations, who are already disadvantaged by an economic and digital divide, also suffered the most from digital fraud throughout the Covid-19 pandemic.

In emerging markets such as Brazil, Indonesia, South Africa and Thailand, 16 percent of mobile devices that processed a transaction were found to be infected with malware, Upstream warned, which discovered this thanks to its anti-fraud platform, Secure-D.

Malicious Apps

The findings for Upstream’s 2021 report entitled: “A Pandemic On Mobile – Mobile Ad Fraud and Malware” Insights were gathered thanks to Secure-D processing 1 billion mobile transactions and service sign-ups for 35 mobile operators in 23 emerging markets, covering nearly 840 million users.

Upstream’s Secure-D reportedly detected 46,000 malicious apps in circulation, with a global block rate of 95 percent.

This translates as roughly one in six (16 percent) mobile devices carrying at least one infected app.

Globally, only one in 36 (2.6 percent) of devices are reported to be harbouring high-risk apps.

“One example of how malicious apps operate is the ‘Best QR Code Scanner’, an app removed from Google Play, that triggered 15,997 transaction attempts from a single user’s mobile in Brazil in just one month”, said head of Secure-D at Upstream, Geoffrey Cleaves.

Developing nations

The report found that emerging markets are disproportionately impacted with mobile infections, with Indonesia having one of the highest infections rates, as over 99 percent of mobile transactions were flagged as fraudulent and subsequently blocked by the platform in that country.

Brazil followed with a block rate of 96 percent, with Thailand a close third at 92 percent.

The problem stems from the fact that users in developing nature tend to rely on their mobile device to connect to the online world.

And because these countries typically have poor fixed network infrastructure, coupled with a lack of Wi-Fi, many of these users in developing nations are digital novices and are faced with relatively high data costs compared to those in developed markets.

Also issue is that millions of people in these developing nature tend not to have a bank account, and instead use their mobile devices to pay for goods and service, which in turn exposes them to criminals.

This problem has been compounded during the Coronavirus pandemic that has swept the globe in 2020 and 2021.

Third-party stores

Another issue is the shift away from the official Google Play Store for Android apps.

Criminals are increasingly turning their attention away from Google Play to other third-party app stores.

Upstream found that 71 percent of malware-infected apps are available to consumers on such stores.

This is a sharp rise from 49% percent 12 months prior, demonstrating a shift in fraud towards less secure and unregulated sources.

Therefore the advice is to always try and use the Google Play store, as it proves to be the safest choice for downloading Android applications.

That said, 29 percent of malicious apps detected still went through Google (7 percent were removed from the store).

Gaming apps, radio playing appss, freemium video apps such as SnapTube and VivaVideo are all popular apps for infections by criminals.

“The disruption from the pandemic has resulted in a sudden surge of online activity for business, schooling, entertainment and socializing,” noted Upstream CEO, Dimitris Maniatis. “This has in turn caused a spike of fraudulent activity from bad actors looking to exploit the situation.”

“The digital divide has left users in emerging markets particularly vulnerable, not only because they depend on tools like direct carrier billing, but because their mobile devices are often their only gateway into the online world,” said Maniatis.