“The moment you unbox your phone, ensure that your operating system is up to date. Additionally, ensure that any pre-installed applications and applications that you download are also of the latest version. Updates help to patch vulnerabilities that expose your device to cybersecurity risks such as ransomware and malware.”
Ransomware isn’t a PC-only problem anymore. A recent mobile example that comes to mind is Charger. Discovered in January 2017, its host app saw at least one million installs across Android OS devices. Like WannaCry, it demanded Bitcoin payment, but it threatened to sell the victim’s personal information if its demands weren’t met. While it sounds like typical ransomware misfortune, what made Charger more dangerous was how it rode in through the official Google Play store.
Mobile ransomware is also on the rise. When observing mobile trends from April 2015 to April 2016, Federico Maggi, Trend Micro’s Senior Threat Researcher, saw a 140% growth in Android ransomware samples, with up to 22% of all mobile malware being ransomware.
Ransomware on mobile devices is an evolution from typical smartphone malware. In our HWM November 2016 issue, we looked at CallJam: a clear example of a ransomware variant that managed to infect 500,000 users via a Google Play-verified app. According to cybersecurity firm Check Point, it forces the mobile device to dial expensive premium calls and displays fraudulent advertisements that profit its creators. What makes CallJam more interesting is how it baits the user with more in-app features, asking them for a glowing Google Play store review in exchange for additional content.
As the examples above show, simply looking at star-based ratings or downloading official APKs from legitimate app stores isn’t sufficient malware protection anymore. Some 4,000 apps were removed from the Google Play app store in the past year, with more than 500,000 devices around the world still holding onto these apps. Google did not notify its users when an app was no longer supported, leaving many orphaned apps on phones.
Are phones more susceptible than their PC counterparts? Well, the McAfee Mobile Threat Report for 2017 reasoned that malicious apps have an easy time infecting smartphones due to a lack of transparency in app stores, combined with the ease of getting an app approved for sale. Trend Micro’s 2016 report actually found more than 400 malware-laden apps on the official Play store itself. In fact, a known alert window vulnerability that has existed since Android 6.0 will only get a fix in “Android O” this August, which emphasizes how vulnerable the mobile ecosystem can be. Also, unlike computer users, mobile users may not even have the option to update their devices. It is common for older devices not to receive the latest software. So what can mobile users do?
At the basic level, education and due diligence. Understand the apps you download and the permissions they require; reduce the amount of sensitive data stored on your devices and cloud-based services; and lastly, do not pay the ransom, ever. Paying will only encourage ransomware makers by proving that the tactic is effective.