IT Brief Australia - Technology news for CIOs & IT decision-makers
Android ransomware, running riot in Australia
Fri, 3rd Jul 2015

Android ransomware in Australia is on the rise, posing a significant threat to businesses and consumers.

In the past six months alone, ransomware has experienced steady growth, specifically in April and May 2015, according to Bitdefender, the antivirus software specialist.

Furthermore, over 25% of all reported malware in May was Android ransomware.

Bitdefender says these numbers are likely to steadily rise in the next six to twelve months.

“Considering that in February 2015 the amount of ransomware reported was slightly above 6%, this sudden spike translates into an increased interest among cybercriminals in targeting Australia to generate revenue,” says Bitdefender.

Cryptowall ransomware is one of the most prolific and profitable malware strains to date, causing more than $18 million in losses in the past year alone, according to the FBI's Internet Crime Complaint Center.

Its success in generating revenue has inspired malware coders to now explore new ways of infecting even more victims, by crafting ransomware for Android devices.

With Android shipments exceeding 1 billion devices in 2014, it's unsurprising the market is sparking the interest of cybercriminals who see it as an environment as profitable as PCs.

Bitdefender says it has been seeing Android ransomware samples for nearly a year.

At first, they had more limited capabilities and were mostly designed to scare users into thinking they were infected by displaying an easily removable pop-up that contained the same ‘classic’ message as PC ransomware.

It only took limited technical know-how to remove both the pop-up and the application, and users were quick to dispose of them, Bitdefender says.

For instance, whenever users saw a full-screen message stating that their files had been encrypted and they had to pay a fee to unlock them, they simply hit the ‘back’ button to exit it.

However, malware coders quickly adapted to the mobile operating system platform and began understanding the subtleties of making an application that latches onto the OS tightly, making it both more persistent and ‘scarier’ for the average user, according to Bitdefender.

New Android ransomware can completely block a device's keys, leaving users with few available options: rebooting or shutting down.

Although no actual encryption of local files occurs, the displayed messages try to scare users into paying the ransom.

The latest Android ransomware can only be removed by booting the device in Safe Mode; otherwise it will come back each time the phone reboots.

Safe Mode booting prevents third-party applications from loading, so users can manually uninstall the malware like any other app.

Some of the most common attack vectors for spreading such Android ransomware infections are drive-by attacks or infected applications disseminated through third-party marketplaces, Bitdefender says.

Consequently, it is important that users don't download anything that's not from the official Google Play Marketplace, and that they install a mobile security solution that can detect and report any attempted inadvertent download or installation of malware, says Bitdefender.