The threat of ransomware has spread from the computer to mobile devices. And the risk is even greater if the kidnapping is combined with bank trojans.

 

The rise of ransomware is indisputable. Last month, Cyber ​​Edge Group presented the study ‘2018 Cyberthreat Defense Report’ , which reveals that Spanish organizations have been the most affected by ransomware attacks. Nothing less than 80% of the companies consulted acknowledged having been affected by a ransomware attack in the last 12 months, ahead of China (74%) and Mexico (71.9%).

It was only a matter of time before the threat was also extended to mobile devices, where, in general, the vulnerability is greater. Check Point Software has detected considerable growth in ransomware for smartphones and tablets, with the dangers involved. First, it emphasizes that mobile ransomware creators are trying to infiltrate Google Play by all means, with the aim of reaching as many victims as possible and maximizing their benefits. It specifies that it is not easy to circumvent Google’s protections, but its researchers have already detected a variant called ‘Charger’ that has achieved it. Thus, it considers that it is likely that new families of ransomware manage to sneak in soon.

In addition, it warns that this type of malware is constantly evolving. Thus, he notes that the mobile ransomware attacks registered so far have only managed to encrypt some parts of the device and the files stored on it or block user access to the computer, Without encrypting anything. Check Point indicates that this is due to the fact that many permissions are required to access certain parts of the smartphone, demanding great effort from cybercriminals. However, he anticipates that we can expect that in the near future there will be variants capable of rendering the entire terminal useless, even if it is reset. And they can also block the SD card, which usually contains the data most appreciated by users.

But if the threat of losing all our files is not enough, the company talks about the pernicious conjugation of bank ransomware and trojans for mobile devices. Every time we do more banking operations through this type of equipment, making it easy to realize the risk involved. Although this type of malware is kept at bay on computers, it is booming on smartphones and mobiles, mainly because can easily bypass protection mechanisms such as two-factor authentication.

The company predicts that it is possible that these attacks by Trojans begin to include ransomware as part of their operational strategy, in order to prevent the user from defending themselves. In fact, we have already seen examples of cybercriminal organizations that jump with great agility from the banking trojan to ransomware. ESET announced last February that the authors of the Dridex Trojan were also responsible for BitPaymer or FriedEx ransomware . Also, Check Point explains that the GameOver Zeus Trojan has already used a combined attack strategy, since conjugated DDoS attacks with bank fraud, preventing victims from interrupting the attack. And BankBot used ransomware camouflage methods to infiltrate Google Play .