Kaspersky security solutions have reported on 28 million malware attacks in 2020 and 102 million detections of potentially unwanted programs (pornware, adware etc.) they have accounted for by the beginning of August 2020. These numbers show that it’s not only the malware that attacks users but also the “grey zone” programs that grow in popularity and disturb their experiences, while users might not even know it is there.
Potentially unwanted applications (PUAs) are programs that are usually not considered to be malicious by themselves. However, they are generally influencing user experience in a negative way. For instance, adware fills user device with ads; aggressive monetising software propagates unrequested paid offers; downloaders may download even more various applications on the device, sometimes malicious ones. While calculating interim results of threat landscape activity in African countries, the researchers noticed that PUAs attack users almost four times more often than traditional malware. They also eventually reach more users: for instance, while in South Africa, the malware would attack 415,000 users in 7-months of 2020, the figure for PUA would be 736,000.
“The reason why ‘grey zone’ software is growing in popularity is that it is harder to notice at first and that if the program is detected, its creators won’t be considered to be cybercriminals. The problem with them is that users are not always aware they consented to the installation of such programs on their device and that in some cases, such programs are exploited or used as a disguise for malware downloads. This is why many security solutions, including ours, flags such programs to make sure users are aware of its presence, influence on their device and activity,” says Denis Parinov, a security researcher at Kaspersky.
By taking a closer look at PUA, it becomes apparent that they are not only more widespread but also more potent than traditional malware. Evaluating results over the same 7-month period in Nigeria, there were 3,8 million malware attacks and 16,8 million PUA detections – which is four times as much. Kenyan and South African threat landscapes have been more intense. In South Africa, there were almost 10 million malware attacks and a staggering 43 million PUA detections. Kenyan users faced even more malware attacks – around 14 million, and 41 million PUA appearances.