Mobile ransomware has worryingly evolved, according to new research

Get a free Techzine subscription!

Ransomware is not new, but every day, it brings new threats to governments, public service institutions, and any institution that suffers when there is downtime. Along with PC and server malware, Android phones are also one of the targets under fire.

In new research, Microsoft has shown that hackers are tasking their resources and time to refine mobile ransomware tools. If they invest money and time into this, it is likely because it is paying off for them.

The findings were released last week on Thursday, collected by Microsoft Defender on mobile.

New and ominous tricks

After studying Android ransomware families’ variants, the researchers discovered that hackers have introduced new tricks to avoid detection. They have also developed a new ransom note delivery mechanism and a machine-learning component that can be used to create attacks specific to each victim.

Mobile ransomware may not be a considerable threat, having been around only since 2014, but it could be on the verge of taking a new leap.

All users must be aware that ransomware is everywhere and could affect more than just PCs. It can affect any device that can connect to the internet.

New problems, new solutions

Mobile ransomware is capable of encrypting files the same way PC ransomware does. However, it uses a different attack method where it merely appears on the entire screen with a note that blocks you from doing anything on your phone even after performing a restart.

Attackers normally take advantage of permission called ‘SYSTEM_ALERT_WINDOW’ to create an overlay window that you can’t dismiss or workaround. Security scanners have since detected the attacks, and Google introduced new protections in the Android 10 version last year.

Tip: Cybercrime becomes more sophisticated: ‘we can’t continue like this.’