Thursday, October 19, 2017

Ransomware for Mobile Devices on the Rise


In year 2016 and 2017, malware researchers have spotted a rapid growth in mobile malware including ransomware. Most of the smart phones and other mobile devices either receive no or late operating system updates leaving the device vulnerable to malicious attacks such as advertising trojans that exploit super-user rights.

Mobile ransomware masquerades as a legitimate app in third party app stores, popular games, flash and video players or as a system update. They lurk in to app-stores and also spread by means of exploit kits using yet-unknown vulnerabilities. Further your device could get infected by visiting pornographic websites, forums or clicking on a spam link in text messages.

Blocker ransomware are currently the most popular means to infect mobile devices. On mobiles, they act simply by overlaying the interface of every app with their own, so a victim can’t use any application at all. Sometime these malware lock mobile devices by hijacking the PIN which is used to secure the device. It just uses the device’s own built-in security against you, until you pay the attackers.



How to Protect Your Devices:

  1. Avoid any installation of untrusted applications. Install applications only from official app-stores such as Google Play. To enforce application installations only from trusted sources, go to Android settings, choose Security, and make sure that the “Unknown Sources” box is not checked.
     
  2. Avoid clicking on in-app advertisements. Sometimes in-app ads will direct you to malicious website with exploit kits.
     
  3. Avoid clicking on spam links in text messages.
     
  4. Regularly update your device’s firmware and its installed apps.
     
  5. Install a strong security solution which detects mobile malware.
Reference:
  1. https://www.techrepublic.com/article/report-mobile-ransomware-attacks-soared-in-2017-up-250-in-q1/
  2. https://securelist.com/ksn-report-mobile-ransomware-in-2014-2016/75183/
  3. https://www.kaspersky.com/blog/mobile-ransomware-2016/12491/