Ransomware Alert: Mobile Phone Abduction

Antivirus for Android
Hollywood has a history of obsession with the thriller and horror movies based on kidnappings. A common plot line is for a crime syndicate to abduct a person and then demand a large amount of money for their return. Such schemes rarely work in the movies, they are constantly thwarted by an A-list hero, but hackers have taken the idea of abduction and applied it to their malware with greater success.
Ransomware is a specific type of malware that locks a user out of their phone and demands a monetary payment in order for the user to regain access. The practice started on Windows computers, but in recent years cybercriminals have begun to target mobile phones. Spurred by success, the rate of Ransomware infections is increasing and as long as the trap is profitable, Ransomware will never go away.

How Ransomware Works

Although Ransomware is a relatively new type of malware, the delivery of the malicious files relies largely on well established means. Ransomware is typically disguised as a Trojan and gains access to a system when they are accidently downloaded. On mobile devices, the most common hiding place for Ransomware is in apps. In the past, video player apps, adult entertainment apps, and software updates have all played cover for Ransomware while the bad program delivers the payload.
In terms of malware, the payload is the code that infects the device and performs the harmful action. Ransomware locks a user out of their own phone and there are three primary ways it does this.

Protection agains ransomware

1. Fake Police Alerts – A warning page appears on the screen and locks itself, explaining that the authorities (FBI, Department of Defense, Cyber Crime Center, etc.) have discovered illegal activities on the phone.

2. Lock Screen – The Ransomware infiltrates the phone’s lock screen, and appoints itself or trick the user into making it the device administrator. Then the malware prevents the user from using the phone until payment is made.

3. File Encryption – Data is scrambled and people receive a ransom note saying, “Your phone has been encrypted. Pay $300 to us and we will give you the key.”

Payloads vary slightly, but in all cases Ransomware leverages a person’s data against them and demands money, usually between $200 and $500. Some of the most successful Ransomware have stolen millions of dollars and they include the programs Koler, Simplelocker, and CryptoLocker among many others.

What to Do if You Are Victimized

First of all, because Ransomware is not in the Google Play Store, phones must be set to “allow apps from unknown sources” for Ransomware to be downloaded. However, people approve apps for download all the time, and if you are infected with Ransomware, removal is difficult but possible. Here are the options:

1. Pay the Ransom – Obvious but not a favorable choice

2. Factory Reboot – Complete restart that results in a loss of all data and photos

3. Enter “Safe Mode,” Remove Ransomware as Device Administrator, Uninstall Ransomware

Antivirus for Android
How to Prevent Ransomware

The best defense against Ransomware and other form of malware is to prevent them from ever accessing your phone. One way to protect your phone is to install an antivirus app that has the ability to scan files in real time. This means that apps, websites, and zip files will be checked out before they are downloaded, and if malware is detected, then you will be alerted. No coincidently, Android Security Suite is designed to do just that; vet everything for malicious software before it becomes an issue. With Android Security Suite on your phone, you don’t have to worry about Ransomware, I guess you could say we are the preemptive hero of your personal hostage film.

Don’t let malware score a goal against you in the world cup

malware. worldcup. BLOG

Cyber crime can score a goal against you during this world cup as mobile malware is becoming more spread, stealing information, exhausting the life of your devices or money with apps that you install in your mobile devices.

Hackers are targeting IOS but hitting harder on Android devices, as 99% of cybercrime in the first quarter of 2014 targeted Android. Due to the open architecture of Android, it has allowed the increase of threats such as mobile banking Trojans.

Another kind of popular malware being found is Ransomware, a type of malware that locks your device and holds the victim ransom until payment has been made, making it very difficult to uninstall.

Also, malware spreads easily and quickly through social media such as Facebook and Twitter. Impressive pictures or videos are the most common ways to lure victims to download them.

giant-snake-3

Nowadays, with the world cup at the highest peak many football fans around the globe follow the latest news and applications in search of a variety of pictures, videos and games.

But for people not aware of these threats, a large portion of these apps are malware and they are set to read your private messages, identify your location or steal your bank account information.

To prevent this, it is not only important to have an antivirus like MyAntivirus but also to read the application permissions before install which require access to your contact list or to pinpoint your location. Some malware can send SMS messages that cost you money or install other malware apps without your knowledge.

The world cup, as any other big event in the past, is becoming a great hook for hackers to attract victims.

Caution is always advised, so get a good antivirus such as MyAntivirus to prevent the installation of malware but also, think twice before agreeing to intrusive app permissions and pushing the install button.

Why Google is wrong and why mobile antivirus is needed

Android malware

“Mobile anti-virus is not needed”, says Google’s head of Android security. Speaking to journalists at the company’s Mountain View headquarters in California, Adrian Ludwig states that there’s no reason to install something in addition to the security that Google provides.

Nevertheless, fragmentation among the different manufacturers remains one of Androids security problems that Google is trying to tackle in the new versions of Android. Google claims that Android antivirus apps are pointless and just scams.

With the upcoming release of the Mobile Cloud Labs new Android Security Suite we couldn’t disagree more. Not all Android antivirus applications are equal though. Through both internal testing conducted at Mobile Cloud Labs and independent tests, we have shown just the opposite of what Google states.

In fact, we agree that Android is most definitely a secure system as it is built on top of Linux with several design features that add layers of protection. Google is right from the standpoint that a true “antivirus” may not be needed.

Viruses by definition are self-replicating and typically inject themselves into files and other executable applications, which without a rooted Android phone is extremely difficult to do on an Android device.

However, Antivirus companies label their products as “antivirus” because that is what people have learned to look for coming out of the Windows era. What is definitely possible with Android that most good “antivirus” apps protect against, are classifications of malware such as “Spyware”, “Ransomware”, “Trojans”, and “Scareware”. These types of applications can steal your information, cause unexpected behavior and slow down your mobile device.

Android malware is typically built into simple unsuspecting apps such as flashlight apps, battery apps etc. If you download a flashlight app for your Android device and it requires any special privileges (presented to you before download), this is the first sign of bad intention by the distributor and possible malware.

The team behind Mobile Cloud Labs knows this because they have written proof of concept applications internally in order to know what to look for and what to protect against in our upcoming Android Security Suite.

Google is correct in the fact that mobile antivirus is not needed. Where they stand corrected is that the majority of mobile antivirus apps on the market are actually protecting against other forms of malware not necessarily viruses. These apps are marketed that way because face it, when was the last time you searched for “anti malware”?