Mobile Ransomware Gains Speed
Since the internet went mainstream, malware has existed in ever-changing reiterations. In the past year, phishing scams, Trojan viruses, and a variety of other kinds of malevolent software have given way to ransomware, the most common type of malware currently circulating the web. Ransomware poses a threat not just to personal computers and corporate systems; according to a report published by Kaspersky Lab, now more than ever, ransomware targets people’s mobile devices.
Kaspersky software was able to protect over 135,000 users targeted by ransomware spanning from April 2015 to March 2016. That’s up from 35,413 in the year prior, meaning the amount of mobile ransomware victims quadrupled last year.
“The growth curve may be less than that seen for PC ransomware, but it is still significant enough to confirm a worrying trend,” it reads in the report.
How and why did this trend come about? The software firm attributes the spike in ransomware targets to the fact that people are willing to pay ransoms and that the value of information stored on digital devices is high enough that paying that ransom is actually the most cost-effective way to recover the data. In addition, law enforcement has been incapable of effectively responding to the problem and new payment tools and anonymous currencies are making it easier than ever for hackers to collect their fees.
“The problem for criminals is that legitimate payment systems, reacting to the rise in fraudulent payments, have started to track and block suspicious transactions, making money transfer a far more risky business for cyber crooks,” the report states. However, it goes on to explain that criminals have found new payments systems that allow them to work around this.
“With underground and semi-legal payment systems the problem is that no guarantees are given to the users of such systems (no refunds, no protection from other criminals) and the privacy of these transactions is also questionable.”
Then cryptocurrencies like bitcoin made it fundamentally easier for criminals to obtain money made illegally:
“Criminals have started to exploit the advantages crypto-currencies offer over other types of e-currency: anonymity and a distributed nature, which both allow them to hide fraudulent transactions and make it possible for a law enforcement agency to do anything… These features help to support individual privacy rights but, unfortunately also give cybercriminals a very reliable and secret payment tool. The main outcome of this is that ransomware has become the new black in the underground.”
“With a PC, the ransomware encrypts your files, encrypts your backup and leaves everything as garbage on our machine and then [demands] a ransom payment,” explained Ryan Naraine, global research and analaysis team head at Kaspersky Lab.
“On mobile, in some cases they’re doing encryption, but in most cases, they’re just locking the screen and not allowing you to get into the phone at all… It’s the same model. You make the end user completely desperate to get access to his files, and that desperation leads to paying the ransom.”