Here's how crooks infect South African PCs

Cape Town - Removable drives are the main source of malware infections facing South Africans, even as cyber crooks target financial information, says a security expert.

"While mobile and financial malware, advanced persistent threats and web threats are becoming more popular among cybercriminals, removable devices and local networks are still the prime sources of IT risks for users in Africa," Ghareeb Saad, senior security researcher with the Global Research & Analysis Team, Middle East, Turkey and Africa at Kaspersky Lab, told News24.

He said that the company prevented 49 million cyber attacks in Africa, and around 10% or 4.6 million were in SA.

"The most popular malware used by cybercriminals in the region in the first quarter - the Dinihou Worm - was responsible for approximately three million infections," said Saad.

"It spreads through removable media devices making use of .LNK files. The most frequently exploited vulnerabilities were breaches in VLC Media Player. There were also numerous incidents of security holes in Oracle Java being exploited in South Africa," he added.

Malware outbreaks

Despite the threat, Kaspersky said that only 29.6% of South African computer users faced local threats and 15.4% had to deal with web-based attacks.

"This places South Africa 130th worldwide when it comes to local threats and 141st in terms of web-related threats," said Saad.

The lack of internet penetration and cable broadband in the country are possibly two of the factors that prevent massive malware outbreaks in SA, but that has not stopped cyber criminals from following a specific modus operandi when targeting computer users.

The ubiquitous use of flash drives makes them ideal delivery mechanisms for the spread of viruses in SA. (Duncan Alfreds, News24)

Cyber criminals are known to follow a pattern of targeting the most popular platforms and users.

As Microsoft Windows became the most popular operating system, cyber crooks began writing viruses and worms to infect PCs. As a consequence of the mass migration to Android mobile devices, those smartphones and tablets are being targeted by criminals intent on stealing personal and financial information.

"There's no absolutely safe operating system at the moment. The more popular the software is, the more it is targeted by cybercriminals," said Saad.


Apple users had long boasted that their machines were virus-free, but Saad said that this was a myth, as Apple Macs were caught in a huge botnet.

"The myth about Mac OS security was demolished when in 2012 the quantity of created anti-virus entries grew by 30% in comparison with 2011, and notorious Flashfake Trojan managed to create the biggest Apple botnet which consisted of 100 million devices all over the world."
