Mobile ransomware becoming a significant threat

Ransomware on mobile phones has grown into a significant threat this year, with a marked increase in the number and sophistication of the malicious software, according to Fortinet.

Fortinet Labs Security Researcher Runcha Nigam said that this year has seen the emergence of the first ransomware variant targeting iOS devices, as well as the first Android variant that encrypts phone data.

“As mobile device adoption continues to gain pace, hackers have found a new lucrative target in handsets, in addition to traditional PCs,” Nigam said.

“The public needs to become more security-aware and take more measures to prevent their handsets from becoming conduits of monetary and information loss.”

The iOS variant, iCloud Oleg Pliss, is the first reported case of ransomware for Apple devices. The attack involves compromised iCloud accounts, and can potentially leak calendar and contact information or allow the attacker to delete all information on the victim’s phone.

A ransomware discovered in June, Simplocker, is the first example of Android ransomware that encrypts files - it targets images, documents and videos - and demands payment to decrypt them. The files remain encrypted even after uninstallation.

Other examples of recently discovered ransomware include one that disguises itself as an antivirus program displaying a list of ‘infected’ files and a fake video downloader application that repeatedly displays a lock screen purporting to originate from local police.

To guard against mobile ransomware, Nigam recommends that mobile users have functional antivirus software on their phones, only install applications from trusted sources and activate password locks where available.

Image courtesy of redjar under CC