ESET has recently discovered the first confirmed case of ransomware that encrypts files held by Android devices.
A Trojan, named Simplelocker, scans the SD care for certain file types, encrypts them, and demands a ransom in order to decrypt the files. Types of files that could be encrypted include jpeg and gif images, dot and txt files, and mkv, avi and mp4 media.
Simplelocker, at present, seems to be a proof-of-concept rather than a fully-fledged attack ready for mass release, however smartphone users should be cautious of installing software from sources other than the operating system-provided application store, and should protect themselves against threats using defensive measures. For example, a mobile security app such as ESET Mobile Security for Android will keep malware off your device.
“There is an increase on serious threats targeting Android devices,” says Carey van Vlaanderen, CEO of ESET Southern Africa, ‘and the trend is predicted to continue in 2014.”
* Don’t assume you are safe on Android – links, downloads and attachments are just as risky on Android as they are on PC, and while it is easy to assume that opening emails on Android is less risky than on a PC, phishers may direct users to a website on their device where they are wanting to obtain information.
* Steer clear of old Androids (if possible) – older versions of Android are less secure. The biggest problem for consumers is the number of old phones running Android that are still in use, and operators will not release new versions. This means that old phones are outdated and vulnerable to attacks.
* Lock your phone – it simple, but many users don’t take advantage of this very basic security measure. Locking your phone is one measure to assist in preventing attacks on your device. There’s no excuse, if you have the option to lock your phone, do so.
* Do not keep sensitive information stored on your phone – avoid saving any private, sensitive information on your device, whether this is a passport photo or credit card information – anything that pertains to you and your identity could be of significant uses to a cybercriminal.
* Inspect every apps permission – permissions such as “full network access” or ability to receive SMS should make you think twice about installing the app. It does not necessarily mean that the app is malicious, but when attached to a screensaver, clock or another app which has no logical reason to need to communicate abilities, this should be a warning.
* Never pay for ransomware – under no circumstances should you ever pay up. Paying is a motivation for criminals to continue with attacks. There is also no guarantee that they will decrypt your device.