Nigeria, South Africa, Kenya see enhanced curtailment of targeted malware schemes – Kaspersky

Share this story

According to Kaspersky’s latest research on the threat landscape trends, South Africa, Kenya and Nigeria are facing a dramatic change in the threat landscape. While regular, self-propagating malware is decreasing dramatically, as it is no longer effective and cannot fly under security radars, the region will see the growth of new cybercrime models in the upcoming year.

While comparing the overall number of mass cyberattacks in 2021, security researchers at Kaspersky noticed a 7,5% decrease in Nigeria, 12% decrease in South Africa and an unprecedented 28,6% decrease in Kenya. The reason for such a change was the introduction and popularisation of new cybercrime models in the region, with cybercrime tools becoming more targeted along with a long running trend where malware creators rely not on the technical advantage of their technologies over security protection, but on the human factor. This has stimulated the evolution of phishing schemes in 2021. In particular, the region saw a wave of ‘Anomalous’ spyware attacks.

“The Anomalous spyware attacks have a huge potential for growth in South Africa, Kenya and Nigeria in 2022, because unlike regular spyware the entry level for attackers who wish to employ this tactic is significantly lower – since instead of paying for their own infrastructure, they abuse and employ the victims’ resources. We see that cheaper attack methods have always been on the rise in the region and cybercriminals quickly pick up on new tactics. Kaspersky therefore suggests that in the nearest future, these countries should be prepared for such attacks”, says Maria Garnaeva, Senior Security Researcher at Kaspersky ICS CERT team.

However, the mass scale attacks are not disappearing, but rather transforming. Garnaeva also reports on a mass-scale and pervasive fake installers campaigns, where fake pirated software sites serve up malware as a service. The scheme is usually the following: a user searches for a free version of an extremely popular legitimate spyware. The cybercriminals are offering them a fake installer using ‘black SEO technic’ – the abuse of the legitimate search engines, resulting in the offering of the fraudulent websites first. As a result of software installer execution, a few dozen malware samples are downloaded and installed with a goal of turning the infected devices into a part of the Glupteba botnet. The whole fake installers campaign and botnet has been extremely active in South Africa in 2021 and continues to evolve, yet it is scarcely researched.


In order to stay protected from such new cybercrime models and threats, Kaspersky recommends the following:

·         Pay close attention to and don’t open any suspicious files or attachments received from unknown sources.

·         Do not download and install applications from untrusted sources.

·         Create strong passwords and don’t forget to change them regularly.

·         Always install updates. Some of them may contain critical security issues fixes.

·         Ignore messages asking to disable security systems for office software or antivirus software.

·         Use a robust security solution appropriate to your system type and devices, such as Kaspersky Internet Security or Kaspersky Security Cloud.

Share this story

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *