Slovakia based security firm Eset have confirmed fears by documenting the first confirmed case of a new ransomware on Android, a trojan that encrypts data stored on your local storage and demands a ransom for them to be decrypted and used.
The trojan targets SD cards slotted into tablets and handsets, electronically scrambling certain types of files on them before demanding cash to decrypt the data.
“File-encrypting malware has proved to be a lucrative criminal enterprise so it is unsurprising that Android has become a new target,” said Dr Steven Murdoch, of the University of Cambridge’s Computer Laboratory.
He continued “Smartphone users should be very cautious of installing software from sources other than the operating system-provided application store, and should pressure their phone supplier to promptly provide security updates to defend against known vulnerabilities.”
Is my device affected?
Infected devices bring up the following Russian-language warning and payment is requested in Ukrainian currency:
It goes on to advise “After payment your device will be unlocked within 24 hours. In case of no PAYMENT YOU WILL LOSE ALL DATA ON your device!”
“While the malware does contain functionality to decrypt the files, we strongly recommend against paying up – not only because that will only motivate other malware authors to continue these kinds of operations, but also because there is no guarantee that the crook will keep their part of the deal and actually decrypt them.” Advises security firm Eset
The types of files that could be encrypted include jpeg and gif images, dox and txt text files, and mkv, avi and mp4 media.
Although this is the first reported instance of Android ransomware encrypting files, there have been other types including Reveton which leaves your data intact but locks you out of your computer, and demands a fee to let you back in and Koler which takes over your Android with a warning that claims you are under surveillance by federal agents for alleged criminal activity.
Stay protected from Android Ransomware
Here are five easy tips to help you deal with Android malware of all sorts:
- Install a reputable anti-virus program to vet all new apps automatically before they run for the first time.
- Be cautious of apps you are offered in ads and pop-ups.
- Stick to Android’s default setting of allowing installs from the Google Play store only.
- Keep off-device backups of your important data.
- Learn how to use ‘Safe Mode’ on your device, just in case you ever need it in a hurry.
How can Spectrum Help?
Spectrum’s Mobile Device Management Solutions can help you to minimise your exposure to these risks by providing a simplified, efficient way to view and manage all devices from a central admin console.
When faced with any kind of threat, Spectrum’s Managed Mobile Service gives clear and independent advice with fast access to expert knowledge and experience providing a totally seamless service, making effective use of your time.
To speak to one of our advisers in person please contact us by phone on 0844 856 3301 or fill in your details on our online form and we’ll get right back to you.
