The increase of cyber crime and malware infection has found the adoption of Android mobiles to further spread the use of ransomware. Reports done by Kaspersky have found that in the past year the amount of cyber attacks using ransomware to extort android users has almost increased four fold, affecting upwards of 136, 532 users between the years 2015 and 2016. From what was sitting at around 35, 000 attacks at the end of 2015, not only the total amount of effected devices has risen as Android continues to take a bigger piece of the mobile market. The proportion of Android users attacked by any kind of malware has risen from 2.04% to where it now sits at almost 5%.
Although the number of affected Android users has increased, the use of screen-blocking ransomware continues to plummet. This is believed to be due to the fact that cyber criminals have begun to predominately use what is known as crypto-ransomware rather than the more traditional screen-blocker. This is a result of the affected users ability to be able to remove such screen-blocking ransomware from a PC with the use of external hardware. Android operated devices however do not bear the same ability, meaning that a mobile screen blocker is just as effective as any other ransomware.
From further research it was found that Germany, Canada, the United States and the United kingdom are the 4 countries that have received the highest percentage of Android Based ransomware attacks in the world. This ransomware will not affect devices on Russian and other eastern European service providers, something that is becoming quite common among use of Ransomware by Cyber Criminals.
The mobile ransomware is most likely to be spread through use of untrustworthy websites such as pirate and porn websites, its representatives usually appearing under the multimedia application called ‘xxxPlayer’ used for watching porn videos. Once downloaded, the Ransomware will install and infect the users mobile device demanding the payment of up to $200.., required to be paid in the form of itunes cards. This can be seen within SecureList’s image below.
Roman Unuchek, a mobile security expert from Kaspersky Lab believes that:
“The extortion model is here to stay. Mobile ransomware emerged as a follow-up to PC ransomware and it is likely that it will be followed-up with malware targeting devices that are very different to a PC or a smartphone. These could be connected devices like smart watches, smart TVs, and other smart products including home and in-car entertainment systems. There are a few proof-of-concepts for some of these devices, and the appearance of actual malware targeting smart devices is only a question of time.”
In order to protect yourself from mobile ransomware attacks, Kaspersky Lab advises the following measures:
- Restrict the installation of apps from sources other than official app stores.
- Use a reliable security solution capable of detecting malware and malicious web links.
- If installing apps from non-official sources is unavoidable, keep an eye on what permissions the app is requesting. Don’t install such apps without a security solution in place.
- Educate yourself and your relatives on the latest forms of malware propagation. This will help you to detect an attempted social-engineering attack.