Android Phones Are Targeted by Ransomware Gang
Click here to load reader
-
Upload
yusuph-kileo -
Category
Documents
-
view
217 -
download
1
Transcript of Android Phones Are Targeted by Ransomware Gang
YUSUPH KILEO Page 1
ANDROID PHONES ARE TARGETED BY RANSOMWARE GANG.
Summary: The arrival of
Ransomware on the mobile scene is just
the beginning of a gathering storm.
"This is going to be massive," said
Trend Micro VP JD Sherry. "This will
be the year that we see a tremendous
amount of malware hitting mobile
phones, and I don't think consumers and
organizations are prepared to handle
these attacks once they migrate to
mobile devices."
The gang that pioneered the idea of locking up a target's computer and demanding a ransom to
unlock it has turned its attention to the rapidly growing mobile market. Once Reveton mobile
infects a phone, it will display a bogus warning from a fractured local law enforcement authority.
In the U.S. it's "Mandiant U.S.A. Cyber Security/FBI Department of Defense/U.S.A. Cyber
Crime Center."
Needless to say, the gang doesn't know a lot about the U.S. government or law enforcement, but
that's irrelevant to someone whose phone is suddenly bricked until the online extortionists get
their payment. The gang's tactics haven't changed since they introduced their malware years ago.
"Just as its Windows-based variant, it performs a geolocation lookup for the device's IP and
displays a customized page using some local law enforcement branding," explained Bogdan
Botezatu, a senior e-threat analyst with Bitdefender.
YUSUPH KILEO Page 2
"In order to get their phones back," he told TechNewsWorld, users must "pay a $300 fine via
untraceable payment mechanisms such as Paysafecard or uKash. “A phone can acquire the
Ransomware just by visiting an infected porn site, Botezatu explained. However, some user
interaction is needed to install the bad app once it reaches a phone.
Although the malware's warning screens claim the app encrypts all data on the phone, making
the data inaccessible, that claim may be dubious." The marketing efforts of the bad guys can be
impressive;" added Britton, "but the capability of the actual technology can be less than that."
Rather than encrypt all the data on the phone as CryptoLocker does on a PC, mobile Reveton is
pure Ransomware. "It puts a wrapper over all the interfaces and UIs," JD Sherry, vice president
of technology and solutions for Trend Micro, told TechNewsWorld. "So a user can't do anything
because malware has system-level access."
The malware doesn't make the effort to obtain the permissions it would need to encrypt data on
an Android phone, Botezatu explained. "The cybercriminals wanted to keep it simple," he said.
"This might be the first iteration -- a test case, if you will -- of a very successful breed of mobile
Ransomware."