Although ransomware largely infects Windows PCs, Macs too are increasingly becoming easy prey, as KeRanger proved. Even Android devices are not safe from ransomware threats.
Android Fakedefender was discovered in June 2013. It masqueraded as a security scanner. Predictably, it locked the device interface after finding ‘critical threats’. Android Fakedefender also tried to prevent victims from uninstalling it. The agenda was to pressure victims into paying for a license which would supposedly resolve ‘all issues’.
Later versions focused solely on locking the device and no longer posed as a security tool. Android Lockdroid.E was one of the first instances of locker ransomware on Android. It was made to look like an app for a popular adult video website to lure potential victims into installing it. Once installed, the Trojan displayed a fake FBI warning (much like the desktop version) that demanded a fine of $500 for accessing ‘forbidden pornographic sites’.
Android Simplocker, heavily inspired by desktop crypto ransomware, emerged in 2014. But its execution was much more sedate than the desktop versions, owing to Android’s security model.
In early 2016, cyber-criminals created a particularly vicious strain of Android ransomware that threatened to expose users’ browsing history. The ransomware, dubbed ‘Lockdroid’, tricked users into actions that allowed the malicious code to gain admin privileges on targeted devices. However, the malware is only a threat to those using versions prior to Android Lollipop.
Like all other crypto ransomware, the malware encrypts files before demanding a ransom. It displays a fake message, supposedly from the US Department of Justice, saying that the mobile device has been locked after visiting sites containing adult/illegal content, but that it can be unlocked after paying a “fine”, which in reality is a ransom to unlock your own phone.
What makes victims more vulnerable to this particular ransomware is the threat of their potentially embarrassing browsing history going public if they fail to pay the ransom. Lockdroid gains access to a user’s browsing history and contacts list, then threatens to forward that history to the victim’s contacts.
Lockdroid poses as an adult site. Therefore, it is not found on Google Play and may be downloaded from third-party app stores, forums, or torrent sites, according to Symantec.
Because the malware seeks admin privileges, Lockdroid is also capable of locking the device, changing the device PIN, and deleting user data through a factory reset.
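The three capabilities listed above correspond to Android device-admin policies, which an app has to declare before it can use them. The following is an added example for defenders, not code from the original article or from Symantec: it triages an app that has already been decoded to text XML (for instance with a tool such as apktool) and reports any device-admin receiver that requests lock, PIN-reset or wipe policies. The sample manifest, package name and receiver names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Device-admin policy tags mapped to the capabilities the article lists.
RISKY = {"force-lock": "lock the device",
         "reset-password": "change the device PIN",
         "wipe-data": "delete user data via factory reset"}

# Constructed sample input (not taken from any real app).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <application>
    <receiver android:name=".AdminReceiver"
        android:permission="android.permission.BIND_DEVICE_ADMIN">
      <meta-data android:name="android.app.device_admin"
          android:resource="@xml/device_admin"/>
    </receiver>
    <receiver android:name=".BootReceiver"/>
  </application>
</manifest>"""
SAMPLE_POLICY = """<device-admin xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-policies><force-lock/><reset-password/><wipe-data/><watch-login/></uses-policies>
</device-admin>"""

def admin_receivers(manifest_xml):
    """Names of receivers that register as device administrators."""
    names = []
    for rcv in ET.fromstring(manifest_xml).iter("receiver"):
        guarded = rcv.get(ANDROID + "permission") == "android.permission.BIND_DEVICE_ADMIN"
        declares = any(md.get(ANDROID + "name") == "android.app.device_admin"
                       for md in rcv.iter("meta-data"))
        if guarded and declares:
            names.append(rcv.get(ANDROID + "name"))
    return names

def risky_policies(policy_xml):
    """Requested policies that enable lock, PIN change or wipe, sorted."""
    root = ET.fromstring(policy_xml)
    return sorted(p.tag for u in root.iter("uses-policies") for p in u if p.tag in RISKY)

def triage(manifest_xml, policy_xml):
    """Map each device-admin receiver to the risky capabilities it requests."""
    caps = [RISKY[p] for p in risky_policies(policy_xml)]
    return {name: caps for name in admin_receivers(manifest_xml)}

if __name__ == "__main__":
    for name, caps in triage(SAMPLE_MANIFEST, SAMPLE_POLICY).items():
        print(name, "->", ", ".join(caps) or "no high-risk policies")
```

A hit is a reason to look closer rather than a verdict, since legitimate device-management apps request the same policies.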
So far, ransomware has not been able to infect iOS. For ransomware developers, it’s a long-drawn-out process with no guaranteed outcome. They would first have to obtain an enterprise developer certificate from Apple, build their app, and sign it with the enterprise certificate. Thereafter, they would have to distribute the app to potential victims and convince them to install it. After all that trouble, Apple can, if it chooses, easily shut down the operation simply by revoking the certificate! But surely, cybercriminals are going to find a solution to this too.
How to avoid being a victim?
Ransomware is after your data. So if your data is safe, you are safe from this vicious malware. Data backup is the key. Cloud storage is one of the best ways to back up your data. Right Backup is a cloud storage app you can install to create unlimited data backups and give ransomware the slip.