Android ransomware hits new high

ESET has reported a more than 50% increase in the detection of Android ransomware in 2016, historically the highest number of attempts to penetrate devices. 

ESET presents the latest annual data based on its LiveGrid technology in the white paper entitled “Trends in Android Ransomware”.  Findings are released just ahead of Mobile World Congress, taking place in Barcelona from 27 February to 2 March 2017.  ESET experts will be highlighting the topic at the Congress in Hall 5, booth B05.

“Altogether we saw an increase in Android malware detection by around 20%, with ransomware on this platform growing at ever faster rate,” says ESET Chief Technology Officer Juraj Malcho, who will address this topic during MWC 2017. “Even as ESET observed the largest spike in the first half of 2016, we are nowhere near saying that this threat will disappear anytime soon.”

Authors of lock-screen  as well as file-encrypting “crypto-ransomware” types have used the past 12 months to copycat effective techniques from desktop malware. They have also developed their own sophisticated methods specialized for targets running Android devices.

In addition to the most prevalent scare tactics used by lock-screen “police ransomware”, cybercriminals have been putting increased effort into keeping a low profile, by encrypting and burying the malicious payload deeper into the infected apps.

In 2015, ESET observed that the focus of Android ransomware operators shifted from Eastern European to US mobile users. However, last year demonstrated a growing interest by the attackers in the Asian market. “Indeed it is fair to say that ransomware for Android has become a full-scale global threat,” adds Malcho.