A new report has suggested that India is among the countries with the most Android infections. The T2 2022 Threat Report by Malware protection and Internet Security firm ESET suggests that India was among countries with most detections of Android/ Spy Agent Trojan malware as Android threat detections continued to grow in T2 2022 by 9.5 per cent.

These trojan agents are malware files or code that arrive on a target device undetected, often blended with or disguised as another app and then spy on the target devices, with capabilities going as far as secretly recording audio and video.

‘GB WhatsApp’ responsible among responsible apps

The report adds that third-party WhatsApp client/clone GB WhatsApp, which offers its users all of WhatsApp’s standard features along with some added benefits, was responsible for a large portion of Android spyware detection in the last four months.

As the clone app is not available via the Google Play Store and is sideloaded by most of its users, it carries a number of security risks. Like most APK files, the sideloaded file can be easily modified and can contain malware before users even download it. Without the protection of the Play Store, these apps with malicious code can run through your system easily once installed.

The worst part about a trojan malware is the attacks will not be immediately noticeable and while the malicious code may spy on you, day-to-day performance of your phone may not be affected enough to notice a difference. This is why these attacks are not only difficult to spot, but also to get rid of, often requiring a full devices reset to wipe the malicious code.

IoT botnet ‘Mozi’ numbers drop, but India, China remain key geolocations

The country also ranked second just below China as the geolocation for bots making up IoT botnet ‘Mozi’ as per the report.

“The biggest zombie IoT botnet ‘Mozi’ saw the number of bots drop by 23% from 500,000 compromised devices in T1 to 383,000 in T2. However, China (53%) and India (35%) continued to have the highest number of IoT bots geolocated inside the respective countries. These statistics confirm the assumption that the Mozi botnet is on autopilot, running without human supervision since its reputed author was arrested in 2021,” the report mentions.