The ransomware seems to have maintained its appeal among cybercriminals, as it continues to grow endlessly across multiple platforms, which also include the mobile devices from the year 2014. Android users are victims of attacks of various types of malware extortion. The most common is the virus of the police, who tries to scare its victims accusing them (falsely) of storing illegal content on their devices and demanding payment of a fine.
Pay attention to our detection of ransomware for Android in the past two years:
The attack vector most popular used by cyber criminals remains the same since we started the "epidemic ransomware": abusing the over the counter markets and forums to propagate your family, or preferred variant of the malicious code.
But in 2016 were cases where cybercriminals have incorporated other more sophisticated methods to their sets of tools. The attackers tried to hide the packet payloads as deep as possible within the applications. To do this, the encrypted and then transferred them to the assets folder, which is usually used to save images or other content necessary for the mobile application. Thus, although the apps did not have any real functionality on the outside, the inside had a decryption tool can decrypt and run the ransomware.
The experts of ESET also documented types of ransomware for Android that are spread through e-mail. Through the use of Social Engineering, the attackers manipulate the victims to make clicking on a malicious link present in the message and direct them to a package of Android applications (APK) is infected.
Other developments this year was the growing interest of the operators of the ransomware Jisut in the chinese markets, using a message of rescue, written in chinese.
If you might be interested to get more information about the content of our new paper "Trends in the Android Ransomware" (Trends in ransomware for Android), passed by the booth B05 ESET in Hall 5 of the Mobile World Congress 2017 in Barcelona. In addition, the head of research at ESET, Juraj Malcho, will speak on the latest developments in the banking malware and ransomware.
Author Ondrej Kubovič, ESET
No comments:
Post a Comment