Skyrocketing Android ransomware has quadrupled over past year, says new report

Image: iStockphoto/Alex_Schmidt

It’s been a tough week for Android security. First, one of the biggest mobile trojans ever was found to be running on 1.2 million Android devices, and now the number of Android ransomware cases are growing tremendously.

A new Kaspersky Lab study claims that incidents of ransomware on Android devices have “skyrocketed” over the past year, with the total number of incidents quadrupling from March 2015 to March 2016.

Ransomware, a type of malware that imposes restrictions on a target device until a sum of money is paid as a ransom to remove, is largely touted as an issue primarily affecting PC users. But, if the study’s results are accurate, it could point to a growing trend of ransomware among mobile users as well.

SEE: 1.2 million infected: Android malware ‘Hummer’ could be biggest trojan ever (TechRepublic)

According to Kaspersky, which provides security solutions and anti-virus tools, the company protected 35,413 users from mobile ransomware from April 2014 to March 2015. By March 2016, however, that number had increased to 136,532 users. Ransomware as a total proportion of malware attacks also increased in the same time period from 2.04% to 4.63%.

In terms of which countries experienced the most ransomware as portion of their overall malware incidents, the top 10 were:

  1. Germany – 22.90%
  2. Canada – 19.61%
  3. United Kingdom – 16.13%
  4. United States – 15.64%
  5. Kazakhstan – 14.42%
  6. Italy – 12.54%
  7. Netherlands – 12.30%
  8. Spain – 5.27%
  9. Russian Federation – 4.91%
  10. Ukraine – 4.63%

More about IT Security

Survey: Declaring cyberwar on cybersecurity threats

Cybersecurity is a key issue, with digital forensics teams arming organizations against the threat of data breaches and network security. Take our survey and get a free copy of the research report.

Why these countries were targeted the most is hard to say, but the report did mention that “mobile and e-payment infrastructure is much more developed and has deeper penetration than in countries that are at the bottom of the list or not on it at all.” So, they’re likely going after the users who can most easily transfer money for ransom, often with a few taps or clicks.

Kaspersky noted that the growth trend still pales in comparison to that experienced in the PC market, but they said it’s enough to “confirm a worrying trend.” The top two threats were ransomware known as Fusob (56.25%) and Small (37.23%).

So, why is ransomware exploding? First, it’s because users are more willing to pay. “It seems that in recent years regular users and companies have reached the point where the information stored on their PC is valuable enough to consider paying a ransom on demand,” the report said.

Other factors that play into the rise of ransomware are the growth of cryptocurrencies and the difficulty for law enforcement to respond to attacks. For more information on the finding, read the full report here.

The 3 big takeaways for TechRepublic readers

  1. A Kaspersky Lab study claims that mobile ransomware on Android devices has grown by almost 400% over the past year, leading to a “worrying trend.”
  2. Germany, Canada, and the UK experienced the most ransomware as a portion of their malware attacks, likely due to stronger mobile and e-payment infrastructure.
  3. Ransomware is growing overall because users are more likely to pay the ransom, and because it is harder to track.

Also see