Story image

Android ransomware, running riot in Australia

03 Jul 15

Android ransomware in Australia is on the rise, posing a significant threat to businesses and consumers.

In the past six months alone, ransomware has experienced a steady growth, specifically in April and May 2015, according to Bitdefender, the antivirus software specialists.

Furthermore, over 25% of all reported malware in May was Android ransomware.

Bitdefender says these numbers are likely to steadily rise in the next six to twelve months.

“Considering that in February 2015 the amount of ransomware reported was slightly above 6%, this sudden spike translates into an increased interest among cybercriminals in targeting Australia to generate revenue,” says Bitdefender.

Cryptowall ransomware is one of the most prolific and profitable malware strains to-date, causing more than $18 million losses in the past year alone, according to the FBI’s Internet Crime Complaint Center.

Its success in generating revenue has inspired malware coders to now explore new ways of infecting even more victims, by crafting ransomware for Android devices.

With Android shipments exceeding 1 billion devices in 2014, it's unsurprising the market is sparking the interest of cybercriminals who see it as an environment equally as profitable as PCs.

Bitdefender says it has been seeing Android ransomware samples for nearly a year.

At first, they had more limited capabilities and were mostly designed to scare users into thinking they’re infected by displaying an easily-removable pop-up that contained the same ‘classic’ message as PC ransomware.

It only took limited technical knowhow to remove both the pop-up and the application, and users were quick to dispose of them, Bitdefender says.

For instance, whenever a user saw a full-screen message stating that their files had been encrypted and you had to pay a fee to unlock them, they simply hit the ‘back’ button to exit it.

However, malware coders quickly adapted to the mobile operating system platform and began understanding the subtleties of making an application that latches onto the OS tightly, making them both more persistent and ‘scarier’ for the average user, according to Bitdefender.

New Android ransomware can completely block a device’s keys, leaving users with few available options: rebooting or shutting down.

Although no actual encryption of local files occurs, the displayed messages try to scare users into paying the ransom.

The latest Android ransomware can only be removed by booting devices in Safe Mode, otherwise it will come back each time your phone reboots.

Safe Mode booting prevents third-party applications from loading, so users can manually uninstall the malware like any other app.

Some of the most common attack vectors used for spreading such Android ransomware infections have to do with drive-by attacks or infected applications disseminated through third party marketplaces, Bitdefender says.

Consequently, it is important users don’t download anything that’s not from the official Google Play Marketplace and install a mobile security solution that can detect and report any attempt of inadvertent download or installation of malware, says Bitdefender.

WatchGuard’s eight (terrifying) 2019 security predictions
The next evolution of ransomware, escalating nation-state attacks, biometric hacking, Wi-Fi protocol security, and Die Hard fiction becomes reality.
Why the adoption of SAP is growing among SMEs
Small and medium scale enterprises are emerging as lucrative end users for SAP.
Exclusive: How the separation of Amazon and AWS could affect the cloud market
"Amazon Web Services is one of the rare companies that can be a market leader but remain ruthlessly innovative and agile."
HPE extends cloud-based AI tool InfoSight to servers
HPE asserts it is a big deal as the system can drive down operating costs, plug disruptive performance gaps, and free up time to allow IT staff to innovate.
Digital Realty opens new AU data centre – and announces another one
On the day that Digital Realty cut the ribbon for its new Sydney data centre, it revealed that it will soon begin developing another one.
A roadmap to AI project success
Five keys preparation tasks, and eight implementation elements to keep in mind when developing and implementing an AI service.
The future of privacy: What comes after VPNs?
"75% of VPN users said they are seeking a better solution for cloud networks."
'Public cloud is not a panacea' - 91% of IT leaders want hybrid
Nutanix research suggests cloud interoperability and app mobility outrank cost and security for primary hybrid cloud benefits.