New Delhi: Nearly 33.8 million attacks on mobile devices from malware, adware, and riskware were blocked in 2023 globally, highlighting a 50 per cent increase of such attacks over the previous year’s figures, a new report revealed on Friday.
Researchers analysed three new dangerous Android malware variants — Tambir, Dwphon, and Gigabud.
The Tambir, Dwphon, and Gigabud malicious programmes exhibit diverse features, ranging from downloading other programmes and credential theft to bypassing two-factor authentication (2FA) and screen recording, jeopardising user privacy and security, according to the global cybersecurity company Kaspersky.
“Android malware and riskware activity surged in 2023 after two years of relative calm, returning to levels seen in 2021 by the end of the year,” said Jornt van der Wiel, senior security researcher at Kaspersky’s GReAT.
According to the report, Tambir is a spyware application targeting users in Turkey.
Disguised as an IPTV app, it collects sensitive user information, such as SMS messages and keystrokes, after obtaining the appropriate permissions.
Dwphon, discovered in November 2023, targets cell phones from Chinese OEM manufacturers, primarily targeting the Russian market. The malware is distributed as a component of a system update application and collects information about the device as well as personal data.
Gigabud, active since mid-2022, was initially focused on stealing banking credentials from users in Southeast Asia, but later crossed borders into other countries such as Peru. It has since evolved into a fake loan malware and is capable of screen recording and mimicking tapping by users to bypass 2FA, the researchers said.
“Users should exercise caution and should avoid downloading apps from unofficial sources, meticulously reviewing app permissions,” said Wiel. He further mentioned that these apps lack exploitation functionality and depend solely on permissions granted by the user, adding that using anti-malware tools can help preserve the integrity of your Android device.