• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Consumer   »   Mobile Ransomware: The Fast Growing Yet Unknown Threat

Mobile Ransomware: The Fast Growing Yet Unknown Threat

  • Posted on:September 22, 2016
  • Posted in:Consumer, Mobile Security, Ransomware, Security
  • Posted by:
    Shannon McCarty-Caplan
0
Is your phone infected?

Trend Micro has seen ransomware on PCs dominate the threat landscape over the last 18 months with their unprecedented volume and destructiveness. But now cybercriminals are attacking another vector: the Android mobile platform. Our research shows unique Android ransomware threats grew 15 times higher in June 2016 than in April 2015[i].

The mobile ransomware threat started over two years ago and has gone almost unnoticed in the public eye, overshadowed by its big brother – PC ransomware threats. But should we be paying closer attention? Let’s discuss why you should care, how this threat spreads, and what you can do to keep your mobile devices safe.

Why you should care 

As I have said in my previous blogs, ransomware locks your computer or mobile device, or encrypts your files, holding them ransom until you pay a fee to the cybercriminals who hold them hostage. If you don’t pay the ransom, the bad guys can delete your photos and documents for good, or permanently lock you out of your computer or mobile device.

Mobile devices are now more integrated into our day-to-day lives than our PCs, so a ransomware attack can have a tremendous impact on us (as anyone who’s lost a mobile phone can attest).

How mobile ransomware spreads

Mobile ransomware masquerades as a legitimate app in third party app stores, popular games, flash and video players or as a system update. (So far, Trend Micro hasn’t found any ransomware threats within Google Play.) You could also get hit with an attack by visiting pornographic websites, forums or clicking on a spam link in text messages.

How mobile ransomware works

Trend Micro first discovered mobile ransomware in April 2014. It was of the “lock screen” type, the kind that locks your device and can only be unlocked if you pay. This would necessitate having to buy a new mobile device (expensive – ouch!), but hopefully a majority of your files would be saved in the cloud. Sometimes ransomware falsely claim your device is being locked by the local law enforcement and that you have to pay a “fine:”

blog

This is a mobile version of what is sometimes called “police ransomware” and it is a well-known problem with desktop computers. And now it’s a problem on mobile devices, too.

Not long after police ransomware came over to the mobile world, encrypting ransomware followed.

One thing we’ve seen that is unique to mobile ransomware is a ransomware that hijacks the PIN you use to secure your device. We first saw it in March 2015 and it is similar to the kind of ransomware that locks your device. In this case, it just uses the device’s own built-in security against you, until you pay the attackers.

Just like the file encrypting ransomware you’ve heard of on PCs, this ransomware encrypts your files and the attackers will only give you access to them if you pay them:

blog1

blog2

 

 

 

 

 

 

 

 

 

 

 

How can you stay protected against mobile ransomware?

Trend Micro customers can have peace of mind knowing we’ve blocked over 120M ransomware threats in 2016 alone.  We offer protection for your personal mobile devices: Trend Micro™ Mobile Security for Android will scan your device and check all apps (APK) against the Trend Micro™ Mobile Application Reputation™ database.  Known ransomware (and other threats) are reported and can be uninstalled, as seen here:

blog3

When you’re surfing the Internet on your phone, Mobile Security protects you from accessing malicious websites infected with ransomware, including websites from within popular messaging apps like WhatsApp:

blog4

Bottom line:

Ransomware is a continuing major threat for PC owners and a growing one for the users of Android devices. Keep your data and hardware assets protected with an internet security suite that protects all of your devices on all platforms.

Trend Micro™ Maximum Security includes Mobile Security and protection for up to 5 PC, Mac, Android and iOS mobile devices, and proactively safeguards your devices from the threat of ransomware.

[i] Trend Micro™ Mobile App Reputation Service™ database, August 2016.

Related posts:

  1. Crypto-ransomware, A Growing Threat to Healthcare
  2. Trend Micro Security’s Layered Protection, XGen™ Machine Learning, and Folder Shield Protect You Against Unknown Ransomware and Malware
  3. The New Mobile Threat Landscape, circa 2017 to 2018
  4. Ransomware is a growing risk on Macs

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Digital Transformation is Growing but May Be Insecure for Many
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.