Iran has the highest number of malware in phones in the world, according to the latest report by Kaspersky.
Because of foreign sanctions in the field of technology and domestic filtering, most Iranians have at least one VPN application on their phones which, in many cases, contains some kind of malware.
A multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, Kaspersky publishes regular reports on global communications safety. In its report for the first three months of 2022, it announced that Iranian mobile phones had the highest number of malware at 35.25% compared to other countries, ICTNA reported.
Iranian users accidentally infect their phones by installing insecure software and applications, especially a VPN.
Unaware that some of these malware appear in the role of a botnet or zombie without the user's knowledge, it can be used to exploit and initiate cyberattacks, including DDoS attacks.
Zombie is the term used in cybersecurity to refer to the people or devices that are unintentional perpetrators of a cyberattack.
The issue that misleads users in installing unwanted malware is the release of these software in official and famous app stores. Since users trust these app stores, they assume that whatever is offered to them by these stores is safe.
Another point is advertising malware that infects users' phones with the name of adware. As Kaspersky reported, this type of software has caused the greatest amount of infection in the phones of Iranians.
Adware is a form of malware that hides on the users’ devices and serves them advertisements. Some adware also monitors users’ behavior online so it can target them with specific ads.
Kaspersky's Q1 report shows that 35.25% of phones in Iran are infected with various malware. In other words, one out of every three Iranian phones is infected. The biggest threats that can be seen in the phones of Iranian users are the adware related to Notifyer and Fyben groups.
While the activity of cybercriminals on phones during the first quarter of 2022 did not change noticeably compared to the end of 2021, Kaspersky's report indicates a decrease in overall attacks during the period.
Turning Users Into Zombies
The installation of some applications makes users botnets or zombies.
Naeem Farhadian, a network expert, in an interview with the Persian newspaper Hamshahri, pointed out that users inside Iran can be used for attacks designed from abroad.
"What we are witnessing now is that Iranian botnets or zombies have also been created. In practice, an attacker from inside Iran can carry out distributed denial-of-service, which are known as DDoS attacks," he explained.
In a DDoS attack, multiple compromised computer systems attack a target and cause a denial of service for users of the targeted resource. The target can be a server, website, or other network resources.
According to the expert, the attacker needs a large number of so-called zombies or botnets to serve the main attacker.
By emphasizing that botnets are currently based in Iran, Farhadian said the installation of many insecure applications by users can act as an attacker to a website.
What makes Kaspersky's report interesting is that many fake applications are available to users through official app stores.
Users of an application or VPN should consider the fact that the ratings of these tools can be exaggerated. Even fake positive comments may be seen about them in app stores.
Therefore, the most important thing that can be done to protect phones from getting infected is increasing users' cyberspace awareness.
Infections of mobile phones and other devices used by users can happen in different ways and when users are familiar with some scams and fake applications or websites, they can prevent a noticeable number of infections.
Ranking of Other Countries
Kaspersky’s report presented the ranking based on the percentage of malware infection in different countries.
It is noteworthy that Iran was followed by China in terms of infected phones. In fact, 26.85% of Chinese users' phones are infected with various types of malware, according to Kaspersky's report for Q1 2022.
The number of infected phones in China is very significant, considering the enormous size of the country’ population and number of cellphone users.
Yemen with 21.23%, Oman with 19.01%, Saudi Arabia with 15.81%, Algeria with 13.89%, Argentina with 13.59%, Brazil with 10.80%, Ecuador with 10.64% and Morocco with 10.56% are ranked third to 10th highest in terms of infected phones worldwide.
