Menu

Researchers at Kaspersky, a global cybersecurity company, evaluating the threat landscape in some African countries have reported 28 million malicious software (or malware) attacks and detected 102 million potentially unwanted applications (PUAs) on devices in Nigeria, South Africa and Kenya. According to a statement released on Tuesday by Kaspersky, those cyberattacks and the spread of PUAs took place over the first seven-month period (January-July) of 2020.      

A PUA, according to the cybersecurity and antivirus provider, is any programme a user may not have chosen to install onto their device. Such programmes include advertising supported software (or adware). These are software that display unwanted advertisements on computers. They are called madware when they affect mobile devices. Pornware is a class of PUA that displays pornographic material on devices.

Some PUAs are legitimately developed programmes but can be used to pose specific threats to users, including distributing malicious software like spyware, viruses, or other malware. Cybercriminals may intentionally mask malware within PUAs, websites that are being advertised, or in accompanying software.

Also, Kaspersky noted that not all application downloads are consensual. Users might not even know the apps are on their devices. Hence, the programmes may be in a moral grey area or fully malicious and illegal.

According to the cybersecurity company, PUAs are not only becoming more widespread; they are also more potent than traditional malware. The researchers found that PUAs attack users almost four times more often than traditional malware. For example, 16.8 million PUAs were detected in Nigeria in the seven-month period – more than four times the 3.8 million malware attacks detected in the country in the same period.

“The reason ‘grey zone’ software is growing in popularity is that it is harder to notice at first and that if the programme is detected, its creators won’t be considered to be cybercriminals," said Denis Parinov, a security researcher at Kaspersky. "The problem with them is that users are not always aware they consented to the installation of such programmes on their device and that in some cases, such programmes are exploited or used as a disguise for malware downloads.”

In South Africa, there were almost 10 million malware attacks and 43 million PUAs detected in the review period. Kenyan internet users, according to Kaspersky, faced even more malware attacks – around 14 million, and 41 million PUAs were found.

Kaspersky said there are two main ways in which adware or madware can get onto devices. They can get on devices via freeware – which are software that are free to use; or shareware – software distributed free on a trial basis. Adware can also get on devices when users visit infected websites, resulting in an unauthorised installation.