The amount of Android ransomware increased by half in 2016, according to security experts. Researchers from ESET said that the amount of ransomware detected on Google’s mobile operating system increased by 50 per cent over the course of last year.
They said that mobile malware authors used the year to copy techniques used in desktop malware as well as developing their own sophisticated methods for targeting devices.
Cyber criminals have also been making more of an effort to keep a low profile, they explained, by encrypting and burying their malicious payload deeper in infected apps.
“Altogether we saw an increase in Android malware detection by around 20 per cent, with ransomware on this platform growing at ever faster rate,” said ESET’s chief technology officer Juraj Malcho, who will speak on the subject at Mobile World Congress 2017.
“Even as ESET observed the largest spike in the first half of 2016, we are nowhere near saying that this threat will disappear anytime soon.”
The report also showed that while Android ransomware operators shifted their attention from Eastern Europe to the US in 2015, in 2016 they showed a “growing interest” in Asian users.
For example, the Jisut lock screen ransomware family, which doubled in prevalence over the last 12 months, began to display a localised Chinese ransom message.
“Indeed it is fair to say that ransomware for Android has become a full-scale global threat,” Malcho said, commenting on the researchers’ findings.
Just as worryingly, the report said some types of Android ransomware supported commands outside of the scope of locking the device, including wiping devices’ data, resetting the lock screen PIN, opening browser URLs, sending text messages and stealing contacts.
The researchers also observed that an increasing amount of Android ransomware obtains device administrator privileges using click-jacking techniques.