Kenyans have been warned against several mobile applications that are secretly taking their information and infringing on their privacy.
The online world is saturated with applications aimed at making work easier, with hundreds of thousands of these applications being available for free download on platforms such as Google play store and App Store.
A US-based security firm, Zscaler ThreatLabz, has compiled a list of applications that are suspected to contain joker malware; a software that takes a user’s details and subscribes them to paid online services.
Image of fingers typing into a keyboard
“This malware is designed to steal SMS messages, contact lists, and device information, and to sign the victim up for premium Wireless Application Protocol (WAP) services,” read the report.
According to a report, most of these apps are used to personalize a user’s phone. They include personalized keyboards, photo editing apps, and messaging apps among others.
Following the discovery of the threat each of these apps poses to users, the firm informed Google and the apps were deleted from play store. The firm opined that people trust Google as the safest source to get and install Android apps.
However, Zscaler ThreatLabz noted that the malicious software keeps updating and modifying its code making it difficult for Google to trace it. In addition, several complaints have been raised and the public is aware of the severe effects of the malware.
Some of the apps flagged by the firm include Instant Messenger, Themes Chat Messenger, Magic Photo Editor, Emoji Theme Keyboard, iMessager, Blood Pressure Diary, Wow Translator, and Mini PDF scanner among others.
Moreover, the apps had a total download of about 300k combined and the general categories of these apps include communication, health, personalization, tools, and photography.
Some of these apps are said to include suspicious links and advertisements that take the unsuspecting user’s information. These links often direct the user to a different webpage.
Kenyans may give information ranging from bank account passwords to payment card details and login credentials for social media accounts.
This often results in some losing huge sums of money with no way of tracing it.
Data by the Communications Authority for the period between January and March 2020 shows 34,644,531 cyber threats