According to a new Kaspersky Lab report, 2015 was the year of ransomware, a type of malware that prevents or limits users from accessing their system. Once a device is infected with this type of malware, the malicious app blocks the device with a pop-up window carrying a message that the user has committed illegal actions. In order to unlock the device, the user has to pay a ransom ranging between $12 and $100.
The number of users of Kaspersky Lab mobile products attacked by ransomware increased from 1.1 percent to 3.8 percent between 2014 and 2015. Attacks were registered in 156 counties, with Russia, Germany and Kazakhstan the most hit. The number of ransomware app modifications has increased by 3.5 times, proof that fraudsters are seeing ever more advantage in earning money from users via blackmail. 2016 is likely to see an increase in the complexity of the malware and its modifications, with more geographies targeted.
Nearly half of the top 20 Trojans in 2015 were malicious programs displaying intrusive advertising on mobile devices. The most widespread last year were the Fadeb, Leech, Rootnik, Gorpro and Ztorg Trojans. Fraudsters used every available method to propagate these Trojans, through malicious web-banners, fake games and other legitimate apps published in official application stores. In some cases they were positioned as legitimate software preinstalled by the device vendor.
Some of these apps have the ability to gain super-user access rights or root access. Such rights give attackers an almost unlimited ability to modify information stored on an attacked device. If the installation is successful the malware becomes almost impossible to delete, even after a reboot to factory settings. Mobile malware with the ability to gain root access has been known about since 2011 and last year it was extremely popular among cyber-criminals. This is likely to continue in 2016.
However, the scale on which such malware could be utilized grew significantly in 2015. Now cyber-criminal scan attack clients of dozens of banks located in different countries using only one type of malware, while previously they would have used malicious apps that could only attack one or two financial services organisations in just a few countries. An example of a malicious application with multiple targets is the Acecard Trojan, which has tools for attacks against users of several dozen banks and web-services.
“Asmobile devices become more and more functional, cyber criminals have become more and more sophisticated atattacks that attemptto steal money from users. Last year was the year of banking Trojans and ransomware. Adware was widely used to infect devices with more sophisticated malicious programs. We also witnessed growing interest in malware that can gain super-user access on users’ devices.To stay safe do not neglect reliable mobile anti-virus solutions. Bear in mind that prevention of the threat is better than suffering losses after the infection,” advises Roman Unuchek senior malware analyst at Kaspersky Lab USA.
Kaspersky Lab is a global cyber security company founded in 1997. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.