Many at risk as new, more dangerous ransomware spreads on Android

Many at risk as new, more dangerous ransomware spreads on Android
A story in the New York Times details the growing spread of “ransomware,” a type of malware that hijacks your mobile device under the pretext of your “breaking the law”. Usually, a message pretending to be from a cyber security firm or a law enforcement agency such as the FBI will pop up on your screen. It will tell you you've broken the law and the only way to get control of your device is to pay a “fine” of several hundred dollars. The malware prevents you from dismissing this message or otherwise using your phone. Flashing your device will take care of the problem, but you are running the risk of losing your data. Your other option is to pay up.

This kind of attack originates in Eastern Europe and first proliferated on PCs a few years ago. The scheme proved to be so successful, it was adapted to mobile devices. Since Android has more market share and is easier to penetrate than iOS, it became the target of choice for the malware community. In the last three weeks alone, more than 30,000 devices were infected by just one variant of the malware.

What's really insidious about this iteration of ransomware is that it doesn't always need you to explicitly install anything locally on your device. It infects devices by “drive-by download” - a method which leaves the victim unaware of any intrusion. The victim visits a website that hosts the malicious code, which then injects itself onto the user's device without any prompt. The method is so successful, it is actually used by the FBI and other intelligence and law enforcement agencies to monitor people who browse suspicious websites. Now, hackers are using it to extort innocent victims.

Newer iterations of ransomware not only lock your device, but give access to remote users to the device. This means that while your phone is hijacked, a malicious user can access your phone's data, use its camera, or make and take calls. Such developments are really worrisome and have inspired security firms to keep a close watch on the use and proliferation of the malware. In comparison, previous ransomware attacks were merely annoying by repeatedly opening your browser to a specific notice page.

Security experts warn to never grant administrative privileges to unrecognized applications and mind your browsing habits.

source: NYTimes



1. AfterShock

Posts: 4147; Member since: Nov 02, 2012

If this drive by works, there is no safety. Oh well, reboot, reset an restore. If you're worth half your salt lick, you've made a back up of the important stuff.

4. jaytai0106

Posts: 1888; Member since: Mar 30, 2011

Sadly all my important stuff on my phone are just pictures of my cats o.O which is not important at all...

5. Duketytz

Posts: 534; Member since: Nov 28, 2013

Hahaha this is why we always have a backup;) We have to one up the hackers

14. Mxyzptlk unregistered

What's your excuse on this one? Your phone should be more secure than this.

21. AfterShock

Posts: 4147; Member since: Nov 02, 2012

I can turn admin rights off, can yours? Oh wait, you're simply not trusted to use it fully, sorry.

36. Mxyzptlk unregistered

Sure, call me once you get to the "root" of the problem.

2. rantao333

Posts: 346; Member since: May 21, 2013

guess what, i know the following comments " i never experienced these kind of issues" " just dont open suspicious website and you will be fine" " is it a micheal H article?" " typical i-phonearena article"

12. itsdeepak4u2000

Posts: 3718; Member since: Nov 03, 2012

Very good, you saved our precious time. :)

3. NexusPhan

Posts: 632; Member since: Jul 11, 2013

Why oh why oh why are people completely ignoring the security warning that pops up and downloading apps from porn websites they visit and then granting those apps admin privileges. What's wrong with people these days. This should seriously be the easiest malware to avoid ever. Also, I read anything and everything from Lookout and NYT with extreme caution. I'd like to see a real source first. Don't go thinking this in an Android only issue.

11. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

It is not an android only issue, but what was stated is that iOS is harder to get into. And since andriod is the larger of the pie, they are targeted more frequently. Also if you read the article, it states that it can install without you saying yes or no.

15. NexusPhan

Posts: 632; Member since: Jul 11, 2013

Did you read the NYT article? You have to grant it admin access for it to work. Why is anyone doing that? I still want a real source that isn't one trying to sell you premium android security apps.

20. AfterShock

Posts: 4147; Member since: Nov 02, 2012

He has to have ammunition against android for customers that laugh when he suggests wp instead.

32. AJagtiani

Posts: 466; Member since: Apr 24, 2014

Did he mention WP anywhere in his comment? Are you crazy? Get over your fascination of WP if you hate it so much !

6. frydaexiii

Posts: 1476; Member since: Dec 01, 2011

I don't get how these work...An app can't just install by itself, which means the user has to have installed it themselves. And if they can do that and the message or something shows up, just uninstall the app...

7. AfterShock

Posts: 4147; Member since: Nov 02, 2012

Good point, each open tab on chrome is sandboxed. Not sure how this would work.

10. NexusPhan

Posts: 632; Member since: Jul 11, 2013

It's not. In this case the drive by download means the user is thinking they are installing one thing (usually a porn video player) when it really installs another (the malware). The user has to grant the app ADMIN rights (insane) and bypass Android's warning screens (double insane). How are there 30,000 people dumb enough to do this??

27. YourNickname

Posts: 127; Member since: Aug 14, 2014

30,000 is a low number lol

8. ManusImperceptus

Posts: 724; Member since: Jun 10, 2014

Oh, the joys of owning an Android device... ;-)

9. AfterShock

Posts: 4147; Member since: Nov 02, 2012

Just in case you didn't bother to read post 3. The joys indeed. We can reset an restore on the spot, can your phone?

13. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

Yes, yes i can, i will get my start screen back, my contacts, my texts, my apps, my photos/videos, settings etc. No 3rd party download, no wifi needed, it just 'works'. Then again i have not seen a case like this for my phone so i dont know if it would happen. Also you can post that link all you want, you are ignoring that android is easier to hit than iOS.

16. BlueGoldAce

Posts: 30; Member since: Nov 22, 2012

You are ignoring the fact that you have to be an idiot to get hit with either platform. If you download an unknown app (meaning you have enabled this ability in settings, for instances such as downloading a pirated app, and in which case I don't feel sorry for you) from a shady site (porn, torrent, whatever), install it, grant admin privileges (your an idiot at this point), bypass the warning screens (completely brain dead)....then maybe you shouldn't have a smart phone? I mean really? Also, while android may be easier to hit (which above, still requires you to be a bit stupid) it is this freedom that grants android features and abilities that other operating systems don't have.

18. AfterShock

Posts: 4147; Member since: Nov 02, 2012

He jelly, nothing more. No real interest in his platform, not even from hackers. Well considering most are bottom end of the rung of phones, i guess it makes sense not to bother.

23. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

Jelly? For what? Right now i rock a Note 3 as a backup phone, this 4th one of mine seems to be much better than my previous ones, which is great. Daily not only do i play with my Note 3 for work, i get to play with other devices as well, daily for hours. So far the z1s has been my favorite android atm, the m8 feels awesome in my hand thinking of getting one to replace the note 3 if it fails again. You jelly that i can reset my main phone with no worries? I actually do this to freak customers out, because most of their devices do not do this automatically nor are not capable without 3rd party intervention.

24. AfterShock

Posts: 4147; Member since: Nov 02, 2012

I guess you are right up WP alley, you have had three N3s go bad an yet, you stick it out with Android? Fudge, You bet. We know you claim to carry, but purport other. not really believable to the majority here, sorry bro. I am Android Shill period,...I'll admit. You are a WP shill that likes to cloak behind fallacies of fantasy that you portray.

29. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

I could care less what is 'believable'. Why do i stick with android with my 4th device? why not. The warranty covers a device i have paid for. For me not to use the warranty to be extremely stupid. Now if i was doing this out of warranty then yes that would be dumb. But i have paid $5 to get my note 3's replaced, big whoop. I don't hate android either, i like android, i recognize its faults, live through its faults, tech its faults daily, every single day over 2 dozen android issues. Been blessed with being able to have more than one device, able to own over 8 android phones in a shorter period than most and ability to own likewise wp. I loath apple devices, but they are the easiest devices to take and apple techline for us, is a godsend and makes other OEM feel ashamed. Yes you are a shill, for me, i am a tech fan. I will be likely getting another android shortly along with a wp, because i can.

35. AfterShock

Posts: 4147; Member since: Nov 02, 2012

Still, you troll Android. No bs there. Just because you like it, doesn't make that trolling passable. Tech fan, my arse.

39. elitewolverine

Posts: 5192; Member since: Oct 28, 2013

your arse must be fake then...I do not troll android articles. If you notice my posts i am mainly in windows articles. And the android articles i do post in, which is rare, it is not a troll. Am i a troll for responding to you that my OS out of the box has one of the best non 3rd party backups? Perhaps you are the bridge, that me, this troll lives under, the bridge of your denial and inability to accept anothers choices and know the OS they use daily has faults and issues that he fixes DAILY.

26. Planterz

Posts: 2120; Member since: Apr 30, 2012

"your an idiot" *sigh*

19. AfterShock

Posts: 4147; Member since: Nov 02, 2012

Hugs an kisses from the leader, that ought to help you from feeling left out. One day, you're os eco system will big enough to target, maybe lol.

17. tokuzumi

Posts: 1951; Member since: Aug 27, 2009

While not 100% foolproof, I make sure "Install apps from unknown sources" is unchecked. I can only install apps from the Play Store. I only turn it on when I am installing something I want from the Amazon App Store.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.