Pay up or your data gets it, Fandroid Ransomware became the main danger to users of the Android operating system in the first half of 2016. Bitdefender’s Android malware statistics show the Android SLocker ransomware family accounts for almost half of all mobile malware reported by infected devices in H1 2016 in Denmark, and a quarter in Germany. Australia (21.5 …
Your fave Cryptolocker/ransomware variant on Android.
YAY.
...not.
When will the iOS version be released? I suppose the iOS version will be a damp squib as crApple is controlling their App store much better than Google/Android does.
At least we have the option to prevent silly .apk's from installing themselves - until the ne'er-do-wells find a way around that.
Well... Because apple don't allow installing software that they have not approved your probably ok... This malware isn't coming from the play store, so if you disable installing from untrusted sources on android your probably ok.
Can't really compare this to iOS because ios is crippled to stop users installing their own software.
However we could be talking 2 cases here, meaning the whole thing is blown out of all proportion.
What's worrying, is there are people that spend money with these snakeoil vendors spreading their fear. I they can't be trusted to report security correctly, how can their products they want to sell me be trusted?
Trust comes in multiple ways, you can't have it all.
@AC - What is missing from many posts about ransomware across the web is how it gets installed on device X. There are several different methods for each device. For example with an Android phone I can think of several possible ways:
1 email/email attachment
2 ad
3 side loaded app
4 malicious app in store.
Depending on how the ransomware is distributed the realistic risk level for the average user could almost be nil or it could be possible if somewhat unlikely.
1,2,3 would need you to have:
Disabled device security and permit side loading
Stupid enough to install an app you don't know
1,2,3,4 would all also require:
Irgnored the dubious permission requests on install
Granted the dubious permission requests at runtime (android 5 on)
Disabled Google malicious app scanning
Have a device that is somehow trivial to root
As you can see, any company pretending this is something real, had some serious growing up to do, before they can be trusted to look after security.
Yes, quite.
I looked through the full PDF report, and although Bitdefender were more than happy to reveal real numbers for all ransomware (presumably most of which is on Windows), they were rather more coy about Android, delegating to only reveal percentages of reported infections.
It strikes me as being highly suspicious that they'd reveal one but not the other.
To spell that out, if "the Android SLocker ransomware family accounts for almost half of all mobile malware reported by infected devices in H1 2016 in Denmark", for example, and the total number of infected devices is ... two, that would mean that the sensationalist headline of "half of all mobile malware" actually only amounts to just one solitary infection.
Of course, I don't seriously believe it is just one infection, but without hard numbers I have no way to be sure, so this is just to illustrate how statistics can be used to manipulate the truth.
In any event, as the article concedes, you have to jump through quite a few hoops to get malware onto Android, which is a very different proposition indeed compared to being infected by just viewing a webpage in Windows. Apart from anything else, the former is social engineering, which no software can mitigate, and is therefore not a failing of software security, whereas the latter quite obviously is.
So just to settle this....
Default on android is to block installation of apps from unknown sources.
If you attempt to install you will be provided with a warning prompt about the dangers of installing from unknown sources that are untrusted blah blah blah...
You can then decide if you want to disable the security if you wish to over-ride (also given the option to allow one specific installation before it re-enables). This is in place incase you want to install something you KNOW is secure, its part of the freedom Android offers over IOS...
There are always going to be idiots who are stupid enough to just click away and accept anything, then flame android saying its not as secure because the went ahead and disabled the security in place to prevent this!!!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
