IT News Online – South Africa, Kenya and Nigeria see a decrease of ordinary threats, yet experience a massive increase of targeted malware schemes

According to Kaspersky’s ( newest analysis on the menace panorama developments, South Africa, Kenya and Nigeria are going through a dramatic change within the menace panorama. While common, self-propagating malware is reducing dramatically, as it’s not efficient and can’t fly below safety radars, the area will see the expansion of new cybercrime fashions within the upcoming 12 months.

While evaluating the general quantity of mass cyberattacks in 2021, safety researchers at Kaspersky seen a 7,5% decrease in Nigeria, 12% decrease in South Africa and an unprecedented 28,6% decrease in Kenya. The purpose for such a change was the introduction and popularisation of new cybercrime fashions within the area, with cybercrime instruments turning into extra targeted together with a lengthy working development the place malware creators rely not on the technical benefit of their applied sciences over safety safety, however on the human issue. This has stimulated the evolution of phishing schemes in 2021. In explicit, the area noticed a wave of ‘Anomalous’ adware assaults.

The typical phishing adware assault begins when attackers infect a sufferer by sending them an e-mail with a malicious attachment or a hyperlink to a compromised web site and ends when the adware is downloaded and activated on the sufferer’s gadget. Having gathered all vital information, the operator normally ends the operation by trying to go away the contaminated system unnoticed. In the anomalous assaults, nonetheless, the sufferer’s gadget turns into not solely a supply of information but additionally a device for adware distribution. Having entry to the sufferer’s e-mail server, the malware operators use it to ship phishing emails from a official firm’s e-mail handle. In this case, anomalous adware assaults an organisation’s server for gathering stolen information from one other organisation and sending additional phishing emails.

“The Anomalous adware assaults have a enormous potential for development in South Africa, Kenya and Nigeria in 2022, as a result of not like common adware the entry stage for attackers who want to make use of this tactic is considerably decrease – since as a substitute of paying for their very own infrastructure, they abuse and make use of the victims’ sources. We see that cheaper assault strategies have all the time been on the rise within the area and cybercriminals rapidly choose up on new ways. Kaspersky subsequently means that within the nearest future, these nations needs to be ready for such assaults”, says Maria Garnaeva, Senior Security Researcher at Kaspersky ICS CERT staff.

However, the mass scale assaults usually are not disappearing, however quite reworking. Garnaeva additionally experiences on a mass-scale and pervasive pretend installers campaigns, the place pretend pirated software program websites serve up malware as a service. The scheme is normally the next: a person searches for a free model of a particularly standard official adware. The cybercriminals are providing them a pretend installer utilizing ‘black search engine marketing technic’ – the abuse of the official search engines like google and yahoo, ensuing within the providing of the fraudulent web sites first. As a consequence of software program installer execution, a few dozen malware samples are downloaded and put in with a aim of turning the contaminated units into a half of the Glupteba botnet. The entire pretend installers marketing campaign and botnet has been extraordinarily energetic in South Africa in 2021 and continues to evolve, yet it’s scarcely researched.

“While the Glupteba botnet appears to be a menace for customers, we’re nonetheless researching it and keeping track of its behaviour, since some distributed malware resembles APT-associated samples like Lazarus APT teams and have been not too long ago used within the largest DDoS assault in Russia. It is just too early to say it with a excessive stage of confidence, however these components might counsel that we are actually coming into the period the place APT actors begin to use current malware distribution platforms which makes an attribution of such assaults more durable and opens a new vector much like provide chain assaults,” provides Garnaeva.

In order to remain protected against such new cybercrime fashions and threats, Kaspersky recommends the next:

  • Pay shut consideration to and don’t open any suspicious recordsdata or attachments acquired from unknown sources.
  • Do not obtain and set up purposes from untrusted sources.
  • Do not click on on any hyperlinks acquired from unknown sources and suspicious on-line commercials.
  • Create robust passwords and don’t overlook to alter them frequently.
  • Always set up updates. Some of them might comprise crucial safety points fixes.
  • Ignore messages asking to disable safety techniques for workplace software program or antivirus software program.
  • Use a strong safety answer applicable to your system kind and units, similar to Kaspersky Internet Security ( or Kaspersky Security Cloud (

Distributed by APO Group on behalf of Kaspersky.

For additional info please contact:
Sandy Greaves Campbell | INK&Co.
Cell: +27 83 408 3373
[email protected]

About Kaspersky
Kaspersky is a international cybersecurity and digital privateness firm based in 1997. Kaspersky’s deep menace intelligence and safety experience is consistently reworking into progressive safety options and companies to guard companies, crucial infrastructure, governments and customers across the globe. The firm’s complete safety portfolio contains main endpoint safety and a quantity of specialised safety options and companies to combat subtle and evolving digital threats. Over 400 million customers are protected by Kaspersky applied sciences and we assist 240,000 company purchasers defend what issues most to them. Learn extra at


Disclaimer: Please be aware that INK&Co. utilise the companies of content material distribution firm lists, that are subscriber based mostly and up to date frequently. To unsubscribe from receiving information and/or press releases from INK&Co. please e-mail [email protected].

Related Posts