Mobile

What is mobile ransomware?


Authored by a Symantec employee

 

Mobile ransomware is a form of malware that affects mobile devices. A cybercriminal can use mobile malware to steal sensitive data from a smartphone or lock a device, before demanding payment to return the data to the user or unlock the device. Sometimes people are tricked into accidentally downloading mobile ransomware through social networking schemes, because they think they are downloading innocent content or critical software.

After the malware is downloaded onto a device, it will show a fake message accusing the victim of unlawful engagement before encrypting files and locking the phone. After the payment is processed, often via Bitcoin, the ransomware will send a code to unlock the phone or decrypt the data.

Recent Incidents

Ransomware software is constantly evolving. Last fall, a malware called Cryptolocker infected more than 10,000 computers. The hackers wanted $300 from each victim in exchange for a decryption code. After, the ransomware infiltrated both Apple and Android mobiles.

That same year, another Android ransomware dubbed Doublelocker spread through counterfeit fake apps that were downloaded from compromised websites. The malware changed the affected device’s PIN and encrypted its primary storage files, renaming them with the extension “.cryeye.” A ransom was demanded to decrypt them.

Another malware finding its way onto devices is the Koler ransomware. Disguising itself as a fake adult-themed app, the malware has infected Android devices in the U.S. The infection begins when the user visits what’s purported to be an adult-themed website and downloads an app to view the desired content. Once downloaded, the malware asks the user to install the app, giving the cybercriminal administrator access to the device. The attacker next displays a message that appears to be from the FBI, telling the victim to pay a fee for viewing pornographic content.

How to protect your mobile devices from ransomware

Here are few tips to help protect your devices from ransomware.

1. Stay informed about the latest threats

Ransomware is constantly evolving. Cybercriminals are known to use variants of previously known malware. In 2017, after using the EternalBlue exploit kit to spread WannaCry ransomware, cybercriminals used the same exploit kit later that year to spread Petya ransomware. It is very important to know how the ransomware landscape is developing. The more we know about how these attacks are carried out, the easier and faster it is to find a solution. To learn more about the latest threats out there, be sure visit the Norton Internet Security Center.

2. Install security patches 

Ransomware can make its way onto a device through drive-by downloads. These are caused by accidentally visiting compromised websites. You could be redirected to these shady websites by malware hiding in a legitimate site. A good defense is to ensure all your apps and operating systems are up to date.

3. Be wary of installing fake apps 

Fake apps are an infamous source of malware. Before installing an app, make sure you are downloading it from the App Store or Google Play. Third-party app stores may be risky.

4. Back up all files 

Backing up your files is always good idea. Doing so could come in handy — not only if your device is held for ransom, but also if you lose or damage your phone.

5. Use a robust mobile security solution

Keeping all devices protected with a comprehensive security solution is always recommended. Norton Mobile Security safeguards your online privacy, and comes with features like App Advisor, which checks Android apps to make sure they’re safe to download.

In today’s world, there are many threats to your personal data and privacy. Cybercriminals have been using ransomware to hold important files hostage or lock phones until a payment is made. Understanding the risks and taking a few precautions may help you stay one step ahead of these cybercriminals.
 

Your device may not be secure.

Public Wi-Fi isn’t always safe. Without the right protection, your personal information could become public. Protect yourself with Norton WiFi Privacy. It encrypts the personal information you send and receive on public Wi-Fi to help keep it private wherever you want to log on.

Help protect your information with Norton WiFi Privacy.


Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.

© 2018 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the Lockman Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome is a trademark of Google, Inc. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.