SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image

Fourfold increase in ransomware attacks against Android

Android users beware, ransomware is becoming more prevalent towards your devices. Kaspersky Lab has found that the ransomware landscape has increased four times in a single year and is now claiming 136,532 global victims.

The Kaspersky Labs report shows a spike in ransomware attacks since January 2016 and points to a significant change in the mobile ransomware threat landscape. Ransomware blocks or locks access to devices and demands money to unlock files. Previously common to PC users, Android devices are now becoming targets.

Four main groups were responsible for 90% of all attacks: Small, Fusob, Pletor and Svpeng families of malicious malware. The research also found that ransomware is increasing as an attack method on all Android devices, rising from 2.04% to 4.63% over the last four years.

The study also found that Android ransomware mainly takes the form of screen-blockers as they cannot be removed with external hardware.

“The extortion model is here to stay. Mobile ransomware emerged as a follow-up to PC ransomware and it is likely that it will be followed-up with malware targeting devices that are very different to a PC or a smartphone. These could be connected devices like smart watches, smart TVs, and other smart products including home and in-car entertainment systems. There are a few proof-of-concepts for some of these devices, and the appearance of actual malware targeting smart devices is only a question of time,” says Roman Unuchek, mobile security expert at Kaspersky Lab.

The study found that although Android ransomware is still lower and growing at a slower rate than PC ransomware and more frequently targets larger countries such as the United States, Germany and the United Kingdom, it does demonstrate that criminals are exploring mobile ransomware opportunities.

Kaspersky Labs recommends:

  • Only download apps from official app stores
  • If downloading from unofficial sources, scrutinise permissions and do not download without security software
  • Using anti-malware software security able to detect malicious links and malware
  • Educate friends and family about malware propagation, which will help you detect social engineering attacks
Follow us on: