The Rise of Android Ransomware

By   ISBuzz Team
Writer , Information Security Buzz | Feb 21, 2016 10:00 pm PST

ESET®, the pioneer of proactive protection, released its white paper “The Rise of Android Ransomware” [BO1]. The report tracks the developing trend of this especially insidious malware. Whether via encryption capabilities (as discovered by ESET in 2014 with Simplocker), with PIN locking capabilities (as LockerPin discovered by ESET in 2015) or simply lockscreen ability, this type of malware increasingly endangers Android users and continues in keeping our researchers busy. This ESET research paper, published ahead of the Mobile World Congress in Barcelona, addresses this topic. ESET will be located in Hall 5, Booth B05. The largest expo for the mobile industry starts on February 22 in Barcelona, Spain.

[su_note note_color=”#ffffcc” text_color=”#00000″]Researchers at ESET:

Ransomware is a growing problem for users of mobile devices. Lock-screen types and file-encrypting “crypto-ransomware”, both of which have been causing major financial and data losses for many years, have made their way to the Android platform. Like other types of Android malware – SMS trojans, for example – ransomware threats have been evolving over the past few years and malware writers have been adopting many of the same techniques that have proven to be effective in regular desktop malware.

Both on Windows and on Android, lock-screens are nowadays usually of the “police ransomware” kind, trying to scare the victims into paying up after (falsely) accusing them of harvesting illegal content on their devices. Likewise, as with the infamous Windows Cryptolocker ransomware family, crypto-ransomware on Android started using strong cryptography, which meant that affected users had no practical way of regaining the hijacked files. And because everyday data, such as photos, for example, are now kept on smartphones rather than PCs by so many people, the threat of losing this data is now greater than ever.

One interesting observation that we have made is that the attackers’ center of focus is no longer only Eastern European countries. A number of recent families, such as Android/Simplocker and Android/Lockerpin, for example, have been targeting victims mostly in the USA.

“With consumers switching more and more from PCs to mobile, more and more valuable data are being stored on these devices that devices, which leads to the fact that more and more valuable data is being stored on those devices that all of us carry around, Android ransomware is becoming ever more worthwhile for attackers,” says Robert Lipovsky, ESET Researcher.

“For users of Android devices it’s important to be aware of ransomware threats and to take preventive measures along with having security solution installed. Among the most important active measures to take are avoiding unofficial app stores and having a mobile security app installed and kept up to date. Additionally, it is important to have a functional backup of all of important data from the device,” adds Lipovsky.[/su_note]

[su_box title=”About ESET” style=”noise” box_color=”#336588″]ESETSince 1987, ESET® has been developing award-winning security software that now helps over 100 million users to Enjoy Safer Technology. Its broad security product portfolio covers all popular platforms and provides businesses and consumers around the world with the perfect balance of performance and proactive protection. The company has a global sales network covering 180 countries, and regional offices in Bratislava, San Diego, Singapore and Buenos Aires.[/su_box]

Notify of
3 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x