As smartphones increasingly become the primary computing device for many users, they also present a greater risk for certain cyber attacks. According to a recent report from ESET, ransomware attacks on Android devices rose more than 50% in the past year.
For those unfamiliar, ransomware is a form of malware wherein an attacker encrypts a user’s data and holds it hostage until they pay a monetary ransom. Ransomware has been an actively growing threat for quite some time, with many new tools emerging to counteract it.
The reason behind the growth in Android ransomware is actually quite simple. As more users rely on their phone as a daily computing device, they are storing more sensitive data there, which can be more easily exploited for ransom, the report stated.
According to the report, techniques such as lockscreen ransomware and crypto-ransomware, typically used in desktop attacks, are being adapted specifically for Android users. “ESET researchers have also seen cybercriminals put increased effort into keeping a low profile by encrypting and burying the malicious payload deeper into the infected apps,” the report also noted.
Android ransomware, and other forms of malware affecting the mobile OS, usually spreads by pretending to be another application—such as a trending game—to get the user to download it, an ESET white paper said. However, researchers also noticed a growing trend of attacks coming through email, using social engineering to try and get users to click a link and download an infected app.
Once a device is infected, the white paper said, the attacker can wipe the user’s device, send a message on their behalf, or perform a host of other malicious actions. Some versions of the ransomware even attempt to convince the user that their device was locked by law enforcement for illegal activity.
Geographically speaking, these attacks are growing among users in the U.S. and Asia, the report said.
Being that ransomware is a form of malware, there are a few ways to deal with it. First off, it’s important to make sure that the device’s settings are properly configured, especially those that manage app store downloads. There are also some other steps one can take if the device is infected, including booting in safe mode to remove the malware.
This latest report follows a host of other bad news for malware in Android devices. In mid-2016, a Kaspersky Lab report claimed that Android ransomware had quadrupled over the previous year. Additionally, a malware version called HummingBad was reported to have affected millions of devices.
This article originally appeared on TechRepublic.
After thorough research performed by our mobile threat prevention (MTP) partner, Check Point, a new and alarming type of malware campaign has been identified. Known as Gooligan, this malware is used to generate ad revenue on the Android platform. Check Point noted that as of the end of November, Gooligan had breached the security of more than one million Google accounts, with an additional 13,000 devices being impacted each day.
As cybersecurity presents an increasingly complex and concerning environment for personal, business and government safety, attention to the secure use of mobile devices is more important than ever for individuals around the world. In fact, recent news of cybercriminals and hackers having connections deeply rooted in the Russian government, as well as the thousands of unauthorized “app stores” hosted in China, has underscored the growing number of threats in existence — and therefore a clear need to be proactive.
Since 2004, October has been recognized as National Cybersecurity Awareness Month (NCSAM).
The initiative for the recognition was spearheaded by the National Cyber Security Division (NCSD) of the Department of Homeland Security (DHS). During the month of October, those government agencies are joined by the nonprofit National Cyber Security Alliance (NCSA) in encouraging Americans to be vigilant about computer and internet use.
You may have heard recently about an Android security threat called “Stagefright.” It works by using the Android OS’s current method of taking action on text attachments even before they are opened, deploying malware to the device long before it can even be discovered. After taking a closer look, we at TechOrchard agree that this is a serious issue. The problem is summed up nicely in an excerpt from a CNN article below:
Android malware continues to get more creative, with a new variant of the ZeuS package floating about. For those who aren’t familiar with the world of Android malware, ZeuS
was is a Trojan that would be installed by users onto their devices promising protection, security and the usual antivirus speech. Once installed, after a user visited certain social media sites, it would inject itself into the code stream and pull personal info from the site (usually Facebook). Personal details in hand, it would then use Facebook logos and data to present the user with offers for upgrades, better security features for his/her Android device and new software. Any and all data would, of course, go straight back to whomever has written the bug.
More recently, Kaspersky has identified a similar attack on Android devices, this time calling itself “Android Security Suite.” Users install the app and are asked for logins and similar information; the bot goes to work on your personal info. Heaven help you if you use your mobile device for banking or transmitting other personal info. Kaspersky identified markers in the code that link it to the slightly older ZeuS Trojan.
This type of attack being so easy to execute on Android devices is likely why a couple of the mobile device management providers seem to be heading more toward containerizing or partitioning devices … an approach that secures the device but essentially turns it into one of the most inconvenient mobile devices since the bag-phone. Users could reduce the likelihood of infection from this kind of malware simply by staying in the
Android Marketplace Google Play app store. I love Android devices, but it’s this kind of thing that makes me cringe when we work with folks who believe these are inherently more secure in a corporate setting.