Ransomware Strikes Mobile Devices – What NOT to Do

Ransomware has been in the news a lot lately, and mostly it hasn’t been good.
 
Well, there is some positive news to report. After months of success in which thousands of PCs were infected, the hackers behind the ransomware known as CryptoLocker were finally dealt a major setback when law enforcement shut down their command and control servers on the first of June.
 
Recently, however, security researchers have discovered ransomware that infects Android devices – another sign of cyber criminals taking a page from the Windows-hacking playbook.
 
Just like ransomware for the PC, Android ransomware takes two forms.
 
First, there’s the kind of ransomware that tries to scare victims into paying a fine, supposedly to a national law enforcement agency like the FBI, due to alleged illegal behavior like viewing child pornography.
 
The other type of ransomware is called a file encryptor, or cryptor. Like CryptoLocker, a cryptor encrypts your files and demands a ransom to unlock them.
 
On Androids, SophosLabs researchers have seen both kinds.
 
One phone-locking ransomware, called Koler, comes with a message that claims your phone has been encrypted by law enforcement and you are accused of illegal behavior. To avoid prosecution, you need to pay a fine of about $300 in electronic funds via MoneyPak.
 
The ransom warning message claims that your files are encrypted, but the malware actually doesn’t really scramble your files. Instead, the pop-up window on your phone stays on your screen no matter what you do and pops up again if you reboot.
 
Now another brand of Android ransomware, Simplelocker, is infecting devices – and this one really does lock up all files, including photos and videos, stored on your phone.
 
Android ransomware – what NOT to do
 
Ransomware has become such a huge money-maker for cybercriminals because enough people are willing to pony up the cash to unlock their sensitive files (or out of the mistaken impression that they are).
 
It’s easy to understand why people do it – if all your important business documents are lost, or even your personal files like family photos, it’s very tempting to pay a relatively small amount to get back what could be priceless files.
 
But this is a mistake – and here’s why: funding the cybercriminals by paying a ransom is a sure example of a pyrrhic victory. You get your files back, but the crybercriminals are that much stronger and more capable of inflicting harm on others.
 
Fortunately, there are ways to get around Android ransomware if you follow some simple steps. Visit Naked Security to read more about removing ransomware using the Safe Mode on your device.
 
Want to hear more from Sophos?