Following the revelation that users of pornographic app ‘Adult Player’ are being subjected to ransomware attacks, security experts Raj Samani and John Smith identify why this crime is growing at such an alarming rate.
[su_note note_color=”#ffffcc” text_color=”#00000″]Raj Samani, CTO EMEA, Intel Security :
“Ransomware and crypto malware, such as that imposed by pornographic app ‘Adult Player’, is rising at an alarming rate. Intel Security’s most recent Threats Report uncovered that ransomware shot up 127% in the past year alone. We are increasingly seeing hackers blackmailing online users with their most private and sensitive information, or even photos. Thanks to the pseudo-anonymity provided by digital currencies such as Bitcoin, hackers can simply buy the skills required to launch an attack online and accept ransom payment through the same technology. This makes ransomware and crypto malware a lucrative enterprise for online criminals – with successful attackers raking in tens of thousands worth of Bitcoin in matter of weeks.”[/su_note]
[su_note note_color=”#ffffcc” text_color=”#00000″]John Smith, Principal Solution Architect at Veracode :
Cyber Crime as a Service is on the rise, and ransomware is becoming an increasingly popular way for cyber criminals to extort people. Similar to the Ashley Madison data breach earlier this summer, this case once again demonstrates how our online footprint puts our most personal moments and decisions at risk of entering into the public eye.
However, from a security industry perspective, what is perhaps most concerning is to see the growing prevalence of ransomware in the mobile space. Previously ransomware typically focussed on denying the victim access to their data – encrypting it and demanding payment to decrypt. This latest incarnation seems to take this a step further by exploiting the capabilities of the phone to also capture images of the victim in an embarrassing context, adding a further potential for blackmail.
Gartner estimates that 75 percent of mobile apps will fail basic security tests in 2015. While some of this is due to sloppy programming and the insecure use of open source and third-party libraries, cybercriminals are constantly looking to exploit insecure apps in order to steal corporate intellectual property, track high-profile individuals , and insert aggressive adware for monetary gain. It is therefore essential that we ensure we educate people on the dangers that applications can pose both personally and to corporate environments.[/su_note]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.