What is mobile ransomware?
Authored by a Symantec employee
Mobile ransomware is a form of malware that affects mobile devices. A cybercriminal can use mobile malware to steal sensitive data from a smartphone or lock a device, before demanding payment to return the data to the user or unlock the device. Sometimes people are tricked into accidentally downloading mobile ransomware through social networking schemes, because they think they are downloading innocent content or critical software.
After the malware is downloaded onto a device, it will show a fake message accusing the victim of unlawful engagement before encrypting files and locking the phone. After the payment is processed, often via Bitcoin, the ransomware will send a code to unlock the phone or decrypt the data.
Ransomware software is constantly evolving. Last fall, a malware called Cryptolocker infected more than 10,000 computers. The hackers wanted $300 from each victim in exchange for a decryption code. After, the ransomware infiltrated both Apple and Android mobiles.
That same year, another Android ransomware dubbed Doublelocker spread through counterfeit fake apps that were downloaded from compromised websites. The malware changed the affected device’s PIN and encrypted its primary storage files, renaming them with the extension “.cryeye.” A ransom was demanded to decrypt them.
Another malware finding its way onto devices is the Koler ransomware. Disguising itself as a fake adult-themed app, the malware has infected Android devices in the U.S. The infection begins when the user visits what’s purported to be an adult-themed website and downloads an app to view the desired content. Once downloaded, the malware asks the user to install the app, giving the cybercriminal administrator access to the device. The attacker next displays a message that appears to be from the FBI, telling the victim to pay a fee for viewing pornographic content.
How to protect your mobile devices from ransomware
Here are few tips to help protect your devices from ransomware.
1. Stay informed about the latest threats
Ransomware is constantly evolving. Cybercriminals are known to use variants of previously known malware. In 2017, after using the EternalBlue exploit kit to spread WannaCry ransomware, cybercriminals used the same exploit kit later that year to spread Petya ransomware. It is very important to know how the ransomware landscape is developing. The more we know about how these attacks are carried out, the easier and faster it is to find a solution. To learn more about the latest threats out there, be sure visit the Norton Internet Security Center.
2. Install security patches
Ransomware can make its way onto a device through drive-by downloads. These are caused by accidentally visiting compromised websites. You could be redirected to these shady websites by malware hiding in a legitimate site. A good defense is to ensure all your apps and operating systems are up to date.
3. Be wary of installing fake apps
Fake apps are an infamous source of malware. Before installing an app, make sure you are downloading it from the App Store or Google Play. Third-party app stores may be risky.
4. Back up all files
Backing up your files is always good idea. Doing so could come in handy — not only if your device is held for ransom, but also if you lose or damage your phone.
5. Use a robust mobile security solution
Keeping all devices protected with a comprehensive security solution is always recommended. Norton Mobile Security safeguards your online privacy, and comes with features like App Advisor, which checks Android apps to make sure they’re safe to download.
In today’s world, there are many threats to your personal data and privacy. Cybercriminals have been using ransomware to hold important files hostage or lock phones until a payment is made. Understanding the risks and taking a few precautions may help you stay one step ahead of these cybercriminals.
Learn more about Norton Mobile Security or download it from an app store now.
Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Norton by Symantec is now Norton LifeLock. LifeLock™ identity theft protection is not available in all countries.
Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, the Checkmark logo, Norton, Norton by Symantec, LifeLock and the LockMan logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the United States and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution Licence. Other names may be trademarks of their respective owners.