Android users, beware. Ransomware for your favorite mobile operating system is picking up -- it's now the main threat in the US, UK, Germany, Denmark and Australia, in the first half of 2016.These are the figures from security organization Bitdefender. Its report claims the Android SLocker ransomware family accounts for almost half of all mobile malware reported by infected devices in the first half of 2016 in Denmark.In Germany, it's at 25 percent, in Australia 21.54 percent and 16.48 percent in the UK. The US has had the least troubles so far, sitting at 16 percent.
The ransomware itself is different from what we've seen on computers. It does not actually encrypt data on the device -- it simply changes the PIN or lock screen, and demands payment if you want to unlock it.
It spreads in two different ways. One is through malicious APK files, which users download and install, despite the fact that Android doesn't recommend it. The other way is tricky: spam messages and malvertising, sometimes appearing even on legitimate sites, trick people into downloading malicious apps, saying they need a special video player to run certain content or something similar.
Bitdefender says victims are ready to pay up to $500 to recover their data, and half of the victims actually do. UK consumers are the ones willing to pay most -- up to £400. Germans are ready to shell out €210, while Americans are willing to give $350
The threat landscape on mobile devices, however, is just the opposite: Almost no cryptolockers exist for Android devices because the operating system and apps make cloud backups. When users have their files backed up, there’s no need to pay ransom, and therefore creators have little incentive to attack Android users.
Blockers are the much more popular means to infect Android devices. On mobiles, they act simply by overlaying the interface of every app with their own, so a victim can’t use any application at all. PC owners can get rid of a blocker with relative ease — all they need to do is remove the hard drive, plug it into another computer, and wipe out the blocker’s files. But you can’t simply remove the main storage from your phone — it’s soldered onto the motherboard. That explains why blockers hold 99% of the mobile ransomware “market.”
How to protect yourself
1. Install applications only from official shops such as Google Play. To be sure that no application makes its way onto your device from an untrusted source, go to Android settings, choose Security, and make sure that the “Unknown Sources” box is not checked.
2. Regularly update your device’s firmware and its installed apps. You can choose to update apps automatically, but you still have to update the system manually — and it’s better to do that as soon as an over-the-air (OTA) update arrives.
3. Install a strong security solution. Even if you’ve installed all possible updates and downloaded apps from official sources only, you haven’t eliminated the risk completely. Malware can lurk in Google Play and can also spread by means of exploit kits using yet-unknown vulnerabilities