Malicious software that locks mobile devices and demand payment are becoming common, and users must proactively guard against them
A NEW range of malware applications, collectively known as ransomware, is targeting smartphones as cyber criminals look for creative ways to extract money from people.
According to security company Fortinet, the threat of ransomware should encourage smartphone owners to take extra precautions when downloading applications.
Fake copies of popular apps can open the door of your smartphone to malware applications.
This malicious software is able to lock down criminals usually demand payment on the promise that the devices will be unlocked.
However, most security experts do not advise paying up, as there is no guarantee that the device will be unlocked, or, even if the smartphone is unlocked, whether the crooks can simply send multiple locking instructions.
Here are the four mobile ransomware recently detected by FortiGuard Labs, a division of Fortinet:
- Simplocker, discovered in June 2014, comes in the form of Trojanized applications like a Flash player, for example. This is the first “real” ransomware seen on Android in the sense that it actually encrypts files (with extensions “jpeg”, “jpg”, “png”, “bmp”, “gif”, “pdf”, “doc”, “docx”, “txt”, “avi”, “mkv”, “3gp” and “mp4”) on the phone. The malware locks the infected phone, displays a screen telling the user that the phone is locked, and demands payment to unlock it. Even after uninstallation of the application in safe mode, the files need to be decrypted to be read.
- Cryptolocker for mobile, discovered in May 2014, disguises itself as a fake BaDoink video downloader application. Although the malware doesn’t cause any damage to phone data, it displays a locked screen claiming to originate from the local police, customized to the geo-location of the end-user. The locked screen is re-launched every five seconds, making phone operation near impossible without uninstallation of the malware.
- iCloud ‘Oleg Pliss’, discovered in May 2014, accounted for the first reported cases of ransomware for Apple devices. These incidents can’t be attributed to a particular piece of malware but to compromised iCloud accounts in combination with some social engineering. The attackers were believed to have exploited Apple’s Find My iPhone, iPad, and Mac feature along with recycled passwords leaked from password breaches. The attack, however, doesn’t work if the device already has a passcode (phone lock) set. The malware can potentially leak calendar and contact information, and allow the attacker to delete all information on the phone.
- FakeDefend, discovered in July 2013, is a ransomware that targets Android phones. It comes disguised as a fake antivirus (AV) application prompting the end-user to pay for a full subscription of the AV after performing a fake scan and showing a list of hardcoded “infections” found on the phone. If the user decides to pay, the credit card details entered are leaked to the attacker’s server in plain text. These captured credit card details may be used for rogue transactions later.
Cyber criminals often use major events or news stories to scam people into downloading a malicious application.
For example, the Soccer World Cup in Brazil saw a number of malware applications being hawked on the Internet.
Where Google and others blocked apps on online platforms, hackers used social engineering tricks to get smartphones owners to install malware.
We chat to Jonas Thulin from Fortinet about this and other relevant topics today…..
- Motoring News of the Week | Diesel and Dust | Tumelo Maketekete | #Motoring | #ebizradio | #Podcast - October 25, 2021
- Robotics in Retail – What does this mean for you and your business? | #Marketing | Kevin Britz | Craig Page-Lee | #Podcast | #ebizradio - October 22, 2021
- The Youth Unemployment Crisis – What is the impact on individuals and the economy | #Insights | Bryden Morton | Chris Blair | 21st Century | #ebizradio - October 20, 2021
- Going Digital against #GBV | MIP partners with TEARS Foundation | Richard Firth | Mara Glennie | #Digital | #ebizradio - October 19, 2021
- Firstwatch announces 2021 initiative to support entrepreneurs | #Entrepreneurs | #PayItForward | #ebizradio - October 19, 2021
- See me, Understand me, Learn with me | #Insight | #Education | The Montessori model enters your home | Madeline Hoban | InHome Montessori - October 19, 2021
- Is your business ready for the new frontier of hybrid working | Business Brunch with Björn | #Entrepreneur | #Technology | Craig Johnson | NSN.CO.ZA - October 19, 2021
- Abundance is not what’s in your wallet | #Insight | #LunchtimeSeries | Kevin Britz | Naomi Basson | #Podcast | #ebizradio - October 18, 2021
- How important is Employer Branding to you and your business? | #Insight | #HR | Pabi Mogosetsi | UNIVERSUM | #Podcast | #ebizradio - October 18, 2021
- Motoring News | Diesel and Dust | Tumelo Maketekete | #Motoring | #ebizradio | #Podcast - October 15, 2021
