Many at risk as new, more dangerous ransomware spreads on Android
This kind of attack originates in Eastern Europe and first proliferated on PCs a few years ago. The scheme proved to be so successful, it was adapted to mobile devices. Since Android has more market share and is easier to penetrate than iOS, it became the target of choice for the malware community. In the last three weeks alone, more than 30,000 devices were infected by just one variant of the malware.
What's really insidious about this iteration of ransomware is that it doesn't always need you to explicitly install anything locally on your device. It infects devices by “drive-by download” - a method which leaves the victim unaware of any intrusion. The victim visits a website that hosts the malicious code, which then injects itself onto the user's device without any prompt. The method is so successful, it is actually used by the FBI and other intelligence and law enforcement agencies to monitor people who browse suspicious websites. Now, hackers are using it to extort innocent victims.
Newer iterations of ransomware not only lock your device, but give access to remote users to the device. This means that while your phone is hijacked, a malicious user can access your phone's data, use its camera, or make and take calls. Such developments are really worrisome and have inspired security firms to keep a close watch on the use and proliferation of the malware. In comparison, previous ransomware attacks were merely annoying by repeatedly opening your browser to a specific notice page.
Security experts warn to never grant administrative privileges to unrecognized applications and mind your browsing habits.
1. AfterShock (Posts: 2997; Member since: 02 Nov 2012)
If this drive by works, there is no safety.
Oh well, reboot, reset an restore.
If you're worth half your salt lick,
you've made a back up of the important stuff.
4. jaytai0106 (Posts: 1475; Member since: 30 Mar 2011)
Sadly all my important stuff on my phone are just pictures of my cats o.O which is not important at all...
5. Duketytz (Posts: 524; Member since: 28 Nov 2013)
Hahaha this is why we always have a backup;) We have to one up the hackers
14. Mxyzptlk (Posts: 4173; Member since: 21 Apr 2012)
What's your excuse on this one? Your phone should be more secure than this.
21. AfterShock (Posts: 2997; Member since: 02 Nov 2012)
I can turn admin rights off, can yours?
Oh wait, you're simply not trusted to use it fully, sorry.
31. Heatfan316 (Posts: 453; Member since: 21 Aug 2011)
Thanks for putting that troll in his place +1
36. Mxyzptlk (Posts: 4173; Member since: 21 Apr 2012)
Sure, call me once you get to the "root" of the problem.
2. rantao333 (Posts: 277; Member since: 21 May 2013)
guess what, i know the following comments
" i never experienced these kind of issues"
" just dont open suspicious website and you will be fine"
" is it a micheal H article?"
" typical i-phonearena article"
12. itsdeepak4u2000 (Posts: 2867; Member since: 03 Nov 2012)
Very good, you saved our precious time. :)
3. NexusPhan (Posts: 541; Member since: 11 Jul 2013)
Why oh why oh why are people completely ignoring the security warning that pops up and downloading apps from porn websites they visit and then granting those apps admin privileges. What's wrong with people these days. This should seriously be the easiest malware to avoid ever.
Also, I read anything and everything from Lookout and NYT with extreme caution. I'd like to see a real source first.
Don't go thinking this in an Android only issue.
11. elitewolverine (Posts: 2114; Member since: 28 Oct 2013)
It is not an android only issue, but what was stated is that iOS is harder to get into. And since andriod is the larger of the pie, they are targeted more frequently. Also if you read the article, it states that it can install without you saying yes or no.
15. NexusPhan (Posts: 541; Member since: 11 Jul 2013)
Did you read the NYT article? You have to grant it admin access for it to work. Why is anyone doing that?
I still want a real source that isn't one trying to sell you premium android security apps.
20. AfterShock (Posts: 2997; Member since: 02 Nov 2012)
He has to have ammunition against android for customers that laugh when he suggests wp instead.
32. AJagtiani (Posts: 466; Member since: 24 Apr 2014)
Did he mention WP anywhere in his comment? Are you crazy? Get over your fascination of WP if you hate it so much !
6. frydaexiii (Posts: 1239; Member since: 01 Dec 2011)
I don't get how these work...An app can't just install by itself, which means the user has to have installed it themselves. And if they can do that and the message or something shows up, just uninstall the app...
7. AfterShock (Posts: 2997; Member since: 02 Nov 2012)
Good point, each open tab on chrome is sandboxed.
Not sure how this would work.
10. NexusPhan (Posts: 541; Member since: 11 Jul 2013)
In this case the drive by download means the user is thinking they are installing one thing (usually a porn video player) when it really installs another (the malware). The user has to grant the app ADMIN rights (insane) and bypass Android's warning screens (double insane). How are there 30,000 people dumb enough to do this??
8. ManusImperceptus (Posts: 693; Member since: 10 Jun 2014)
Oh, the joys of owning an Android device... ;-)
9. AfterShock (Posts: 2997; Member since: 02 Nov 2012)
Just in case you didn't bother to read post 3.
The joys indeed.
We can reset an restore on the spot, can your phone?
13. elitewolverine (Posts: 2114; Member since: 28 Oct 2013)
Yes, yes i can, i will get my start screen back, my contacts, my texts, my apps, my photos/videos, settings etc. No 3rd party download, no wifi needed, it just 'works'.
Then again i have not seen a case like this for my phone so i dont know if it would happen.
Also you can post that link all you want, you are ignoring that android is easier to hit than iOS.
16. BlueGoldAce (Posts: 13; Member since: 22 Nov 2012)
You are ignoring the fact that you have to be an idiot to get hit with either platform.
If you download an unknown app (meaning you have enabled this ability in settings, for instances such as downloading a pirated app, and in which case I don't feel sorry for you) from a shady site (porn, torrent, whatever), install it, grant admin privileges (your an idiot at this point), bypass the warning screens (completely brain dead)....then maybe you shouldn't have a smart phone? I mean really?
Also, while android may be easier to hit (which above, still requires you to be a bit stupid) it is this freedom that grants android features and abilities that other operating systems don't have.
18. AfterShock (Posts: 2997; Member since: 02 Nov 2012)
He jelly, nothing more.
No real interest in his platform, not even from hackers.
Well considering most are bottom end of the rung of phones, i guess it makes sense not to bother.
23. elitewolverine (Posts: 2114; Member since: 28 Oct 2013)
Jelly? For what? Right now i rock a Note 3 as a backup phone, this 4th one of mine seems to be much better than my previous ones, which is great. Daily not only do i play with my Note 3 for work, i get to play with other devices as well, daily for hours. So far the z1s has been my favorite android atm, the m8 feels awesome in my hand thinking of getting one to replace the note 3 if it fails again.
You jelly that i can reset my main phone with no worries? I actually do this to freak customers out, because most of their devices do not do this automatically nor are not capable without 3rd party intervention.
24. AfterShock (Posts: 2997; Member since: 02 Nov 2012)
I guess you are right up WP alley, you have had three N3s go bad an yet, you stick it out with Android?
Fudge, You bet.
We know you claim to carry, but purport other. not really believable to the majority here, sorry bro.
I am Android Shill period,...I'll admit.
You are a WP shill that likes to cloak behind fallacies of fantasy that you portray.
29. elitewolverine (Posts: 2114; Member since: 28 Oct 2013)
I could care less what is 'believable'.
Why do i stick with android with my 4th device? why not. The warranty covers a device i have paid for. For me not to use the warranty to be extremely stupid. Now if i was doing this out of warranty then yes that would be dumb. But i have paid $5 to get my note 3's replaced, big whoop.
I don't hate android either, i like android, i recognize its faults, live through its faults, tech its faults daily, every single day over 2 dozen android issues.
Been blessed with being able to have more than one device, able to own over 8 android phones in a shorter period than most and ability to own likewise wp.
I loath apple devices, but they are the easiest devices to take and apple techline for us, is a godsend and makes other OEM feel ashamed.
Yes you are a shill, for me, i am a tech fan. I will be likely getting another android shortly along with a wp, because i can.
35. AfterShock (Posts: 2997; Member since: 02 Nov 2012)
Still, you troll Android.
No bs there.
Just because you like it, doesn't make that trolling passable.
Tech fan, my arse.
39. elitewolverine (Posts: 2114; Member since: 28 Oct 2013)
your arse must be fake then...I do not troll android articles. If you notice my posts i am mainly in windows articles. And the android articles i do post in, which is rare, it is not a troll.
Am i a troll for responding to you that my OS out of the box has one of the best non 3rd party backups?
Perhaps you are the bridge, that me, this troll lives under, the bridge of your denial and inability to accept anothers choices and know the OS they use daily has faults and issues that he fixes DAILY.
19. AfterShock (Posts: 2997; Member since: 02 Nov 2012)
Hugs an kisses from the leader,
that ought to help you from feeling left out.
One day, you're os eco system will big enough to target, maybe lol.
17. tokuzumi (Posts: 351; Member since: 27 Aug 2009)
While not 100% foolproof, I make sure "Install apps from unknown sources" is unchecked. I can only install apps from the Play Store. I only turn it on when I am installing something I want from the Amazon App Store.
25. parthoman (Posts: 80; Member since: 18 Aug 2014)
get a blackberry and forget these security issues :) .
it can never be jailbroken nor rooted.
28. BREvenson (Posts: 214; Member since: 17 May 2012)
I back up all my apps at least once a week, and everything else is saved on my external SD. Of course, when the phone is on, it's just as susceptible to intrusion by hackers as the internal storage, but at least it's a bit of a stopgap.
Either way, if I ever see my Atrix HD get hacked with ransomware, the power and volume up keys will be my lifesaver...unless they find a way to shut that process down.
33. theguy2345 (Posts: 308; Member since: 24 Jun 2014)
This is one of the advantages to having very low market share. No one will go after you
34. Rocket (Posts: 27; Member since: 24 Feb 2014)
This stupid malware blocked my chrome browser last week had to uninstall/reinstall bcuz they were asking for a greendot card of $300 to unblock.