Kaspersky Labs KSN Report: Ransomware in 2014-2016 reveals that cyber criminals have turned their attention to mobile devices – predominately Android due to market share but there are attempts made on iOS devices as well.
It says Germany, Canada, United Kingdom, US, Kazakhstan, Italy, and the Netherlands all have double-digit percentage attacks.
It says that in countries at the top of the mobile ransomware list, mobile and e-payment infrastructure is much more developed and has deeper penetration. Criminals like to get as close to their victims' money as possible and attacking a user who can transfer the ransom in a couple of clicks has the most appeal.
The upturn is also due to Ransomware as a Service (RaaS) being offered via affiliate networks. Most of today’s crypto ransomware has Russian roots, wtih regard to both the authors of the malicious code and of the actors who spread the malware and demand the ransom.
The groups behind ransomware attacks are mainly small or medium-sized, and they co-operate using a business scheme: affiliate networks. Small groups often consist of non-professional but very motivated members willing to invest money and time in any cyber criminal activity promising money.
Middle-sized groups usually have some professional programmers and web technology specialists. They can produce malware and to build and support the IT infrastructure that forms the technological backbone for the malware.
Over the last few years, middle-sized groups have been able to create several “products” that, in the case of ransomware comprise a kind of DIY set that less-skilled criminals can buy, modify into their unique version of the malware, and then use to make money.
Kaspersky says that ransomware is skyrocketing simply because people pay up via untraceable cryptocurrency. It says the extortion model is here to say.
It offers the following tips:
- Backup regularly – you can always reset the device and reinstall from a backup.
- Use a paid security solution
- Keep the OS patches and up to date
- Don’t click on any ‘suspect’ links or install software unless you have requested it from Google Store.
- Don’t look for free porn or ever install a “required player”
- Don’t pay!