× Business BUSINESS MOTORING SHIPPING & LOGISTICS DR PESA FINANCIAL STANDARD Digital News Videos Health & Science Lifestyle Opinion Education Columnists Moi Cabinets Arts & Culture Fact Check Podcasts E-Paper Lifestyle & Entertainment Nairobian Entertainment Eve Woman Travelog TV Stations KTN Home KTN News BTV KTN Farmers TV Radio Stations Radio Maisha Spice FM Vybez Radio Enterprise VAS E-Learning Digger Classified Jobs Games Crosswords Sudoku The Standard Group Corporate Contact Us Rate Card Vacancies DCX O.M Portal Corporate Email RMS

Why your vital mobile data is at increased risk

By Dominic Omondi | September 24th 2017
Faceless thief or hacker stealing login password, money, email, privat messages and credit cards using virus. Flat criminal illustration of hacker coding bug to hack data. Photo:Courtesy

Should you feel the urge to download and install a less-known mobile application from Google Playstore, just be cautious.

It might just be one of the many conduits cyber-criminals are using to steal vital information from your phone, including PINs and bank account passwords.

According to a report by cyber-security provider CheckPoint Software Technologies, Kenya is one of the countries that are targeted by mobile banking malwares, a risk to the many who do their banking on mobile phones.

A malware, short for ‘malicious software,’ is software, programme or file that is intended to damage or disable computers and computer systems.

One such malware which was among the top 10 malware families that hit Kenya in the first half of 2017 is Fireball.

Spread mostly by being installed on a victim’s machine alongside a wanted programme - often without user consent - Fireball is capable of executing any code on the victim's machine.

This can then result in a wide range of actions from stealing credentials to dropping additional malware.

“Fireball runs in the browser,” says Micheal Tumusiime, a software engineer at CheckPoint in charge of the Eastern Africa region.

“It tries to steal information you input in the browser. For example, if I use my browser, Fireball is able to capture that. And, of course, with that there is a lot they can do,” he told Weekend Business.

Mr Tumusiime did not reveal the extent of such attacks but said their effects have got more pernicious.

Hiddad is another malware that infiltrates the Android operating system, repackages apps and then puts them on third party servers. “The app still works like the original one does, but in the background it is trying to steal sensitive information,” he said.


Another one, RookieUA, steals log-ins such as usernames and passwords and sends them to a remote server. It is a chilling development where cyber criminals have managed to bypass Google’s stringent controls to install such software on Google Playstore.   

In August, there was an attack by another malware known as Gooligan. This is an Android malware capable of routing devices and email addresses and authentication tokens stored on the device.

With the information, an attacker can access a victim’s Google account data such as Google Photos, Gmail and Google Drive. “More than one million Google accounts were breached by Gooligan, with an average of 13,000 breaches each day at the campaign peak,” says CheckPoint in their latest report.

The infection by Gooligan begins when a user downloads and installs a malicious app containing Gooligan code on a vulnerable Android device. After installation, an infected app sends data about the device to the campaign’s command and control server.

There is also Ztorg malware which is said to have attacked Kenya in August. They are able to obtain escalated privileges on Android devices and install themselves in the system directory.

The malware is then able to install any other application on the device.

It is thus important for banks urge their customers to use biometric authentication for mobile banking and help them to install technologies that can detect the presence of malware on mobile devices, security experts advise.

Central Bank of Kenya knows this too well. In its Bank Supervision Annual Report 2016, the regulator notes that increased use of ICT has also seen a rise in cases of ICT-related frauds in the recent years. 


“Data on fraud reported to Banking Fraud and Investigation Department indicate that cases relating to computer, mobile and Internet banking are on the rise,” read the report.

“Another emerging threat has been cyber-crime where criminals gain unauthorised access to institutions’ computer programmes and data. As a result, there is urgent need for the banking sector management to ensure increased use of computer-based transaction process is matched with effective controls,” adds CBK.

But ultimately, said Mr Tumusiime, it is the responsibility of the individual to take extra care by verifying what they are installing on their phones and putting in place sufficient protective measures.


Share this story
AU in move to harmonise mineral resource exploitation
An initiative to set up an African mineral resource classification system to harmonise exploitation across the continent, is now underway.
Survey: Why 40 pc of workers want to quit their jobs
More than half of 18 to 25 year-olds in the workforce are considering quitting their job. And they are not the only ones.