Many people believe that mobile phones are immune from the type of malware attacks that plague desktop systems. Two separate ransomware attacks in recent weeks demonstrate that such thinking is out of touch with today’s reality.
Ransomware is an attack strategy where hackers are able to block access to a system or to user data files until the user pays a ransom. The Cryptolocker ransomware program alone is believed to have extorted in excess of $100 million dollars from desktop users.
Last weekend, security researchers at ESET in Slovakia reported they had identified the first Ransomware attack on Android devices that encrypts data in a manner similar to Cryptolocker. Previous Android ransomware threats identified locked users out of the device and could usually be overcome procedurally.
Simplocker appears to spread via porn sites by pretending to be a custom media player that has to be downloaded in order to view videos. It has also been caught pretending to be a game or other kind of app available for download from a website.
The ransomware, a Trojan called Simplocker, encrypts the user’s files and displays a message that pretends to come from Law Enforcement. It accuses the user of committing a crime, such as illegal downloads and demands the user pay a “fine” before the system will be made accessible again.
Last month, it was reported that hackers were able to take advantage of a loss protection feature in the iPhone,” Find My Phone”, to lock the user out of the phone. A message displays with instruction on making a payment via PayPal to get the phone unlock. Apple posted instructions on its forums on how to get the phone unlocked, but users reported that the hackers were able to reestablish control in a short time.
The good news is that yesterday, Russian law enforcement reported an arrest in the case. Russian authorities charged 2 Russian citizens, 16 and 23 year olds, in a scheme to compromise email accounts and using Phishing attacks to gain control of a user’s iPhone. It is not clear if the two are the only perpetrators or if there are accomplices or copycats.
It is clear that hackers and fraudsters are increasingly targeting mobile platforms.