Android ransomware up more than 50%, locking users’ devices until they pay (TechRepublic)

moneyphone.jpg

Image: iStockphoto/SIphotography

As smartphones increasingly become the primary computing device for many users, they also present a greater risk for certain cyber attacks. According to a recent report from ESET, ransomware attacks on Android devices rose more than 50% in the past year.

For those unfamiliar, ransomware is a form of malware wherein an attacker encrypts a user’s data and holds it hostage until they pay a monetary ransom. Ransomware has been an actively growing threat for quite some time, with many new tools emerging to counteract it.

The reason behind the growth in Android ransomware is actually quite simple. As more users rely on their phone as a daily computing device, they are storing more sensitive data there, which can be more easily exploited for ransom, the report stated.

SEE: Ransomware: The smart person’s guide

According to the report, techniques such as lockscreen ransomware and crypto-ransomware, typically used in desktop attacks, are being adapted specifically for Android users. “ESET researchers have also seen cybercriminals put increased effort into keeping a low profile by encrypting and burying the malicious payload deeper into the infected apps,” the report also noted.

Android ransomware, and other forms of malware affecting the mobile OS, usually spreads by pretending to be another application—such as a trending game—to get the user to download it, an ESET white paper said. However, researchers also noticed a growing trend of attacks coming through email, using social engineering to try and get users to click a link and download an infected app.

Once a device is infected, the white paper said, the attacker can wipe the user’s device, send a message on their behalf, or perform a host of other malicious actions. Some versions of the ransomware even attempt to convince the user that their device was locked by law enforcement for illegal activity.

Geographically speaking, these attacks are growing among users in the US and Asia, the report said.

Being that ransomware is a form of malware, there are a few ways to deal with it. First off, it’s important to make sure that the device’s settings are properly configured, especially those that manage app store downloads. There are also some other steps one can take if the device is infected, including booting in safe mode to remove the malware.

This latest report follows a host of other bad news for malware in Android devices. In mid-2016, a Kaspersky Lab report claimed that Android ransomware had quadrupled over the previous year. Additionally, a malware version called HummingBad was reported to have affected millions of devices.

The 3 big takeaways for TechRepublic readers

  1. Android ransomware infections have grown more than 50% in the past year, ESET researchers claim.
  2. The ransomware is growing because users rely on their phones for more standard computing activities, and store more personal data there, which can be exploited.
  3. Previous reports also indicated a rise in Android ransomware, which is a form of malware.

Also see

Source: SANS ISC SecNewsFeed @ February 21, 2017 at 08:39AM

0
Share