Ransomware targeting Android users has increased by over 50 percent in just a year, as cybercriminals increasingly take aim at what they view as an easy ecosystem to penetrate.
This, the highest number of attempts to infect Android smartphones and tablets with malicious file-encrypting software so far, comes as users increasingly turn to mobiles as their primary devices, storing more and more valuable data on them.
According to cybersecurity researchers at ESET, the biggest spike in ransomware attacks came in first half of 2016. And because ransomware was then a relatively new attack vector — at least when it came to targeting businesses — means many fell foul of it.
Eastern Europe was initially the main target of ransomware distributors but this has changed, with figures in ESET’s Trends in Android Ransomware paper suggesting that now 72 percent of successful ransomware attacks distributing Lockerpin ransomware target users in the United States.
The reason for the shift in targeting, as with most other cybercriminal decision making, comes down to money. Mobile users in the US are richer than those in Eastern Europe, so distributors of ransomware can make more money by targeting them.
Lockerpin is a particularly aggressive form of Android ransomware, which has continually evolved since it was first discovered in August 2015. Typically spread via malicious, fake applications, Lockerpin claims to be the FBI, accusing the victim of harbouring illegal content and demanding a $500 ransom.
While there are some forms of Android ransomware which have been a thorn in the side of users for well over a year, malicious developers aren’t just content to sit back on their laurels, with new forms of malware appearing all the time.
One of the newest forms of Android ransomware is Charger, a nasty form of mobile ransomware which steals data from its victims.
The zero-day mobile ransomware was found embedded in an app supposedly designed to enhance battery-life of phones and tablets — and downloaded directly from the Google Play. Google has since removed the ransomware from its store.
In order to avoid falling victim to Android ransomware threats, ESET researchers recommend that users avoid unofficial app stores and keep mobile security software up-to-date.
It’s also recommended that users keep regular backups of data, so in the worst case scenario of falling victim to a ransomware attack, data can easily be retrieved without handing money to criminals.
Read more on cybercrime
Source: SANS ISC SecNewsFeed @ February 21, 2017 at 06:21AM