Ransomware attacks on Android mobile devices have risen sharply in the past 12 months, and UK citizens are some of the most at risk, according to data from Kaspersky Lab.
Ransomware attacks are seen most commonly on desktop devices. Criminals use specific strains of malware to take over user devices and deny access to files and data unless a ransom is paid, usually in bitcoin.
However, it now appears that mobile ransomware is starting to become more prevalent, after Kaspersky revealed that the firm stopped 136,532 ransomware attacks between March 2015 and March 2016 based on metrics from its own tools on smartphones.
This was an almost four-fold increase on the 35,413 attacks in the previous 12 months.
The increase also saw mobile ransomware take up an increasing share of all malware attacks stopped by Kaspersky, from 2.04 per cent in 2014-2015 to 4.63 per cent in 2015-2016.
“The growth curve may be less than that seen for PC ransomware, but it is still significant enough to confirm a worrying trend,” the firm said.
Furthermore, Kaspersky’s data showed that UK citizens are among the most likely to be targeted by mobile ransomware. Some 16 per cent of all mobile ransomware attacks strike users in the country.
Most at risk are those in Germany, at 22.9 per cent, followed by Canada at 19.61 per cent.
Kaspersky explained that citizens in developed countries are more likely to be hit by mobile ransomware, probably because of the advanced mobile-first culture in such nations.
“It is hard to say precisely why this is the case, but we can assume that in countries that feature at the top of the mobile ransomware list, mobile and e-payment infrastructure is much more developed and has deeper penetration than in countries at the bottom of the list or not on it at all," the firm said.
“Criminals like to get as close to their victim’s money as possible, and attacking a user who can transfer the ransom in couple of taps or clicks is likely to have the most appeal.”
One strain of mobile ransomware that is becoming increasingly common is Fusob (pictured left), having been found in over 100 countries.
Fusob uses the classic ransomware tactic of purporting to be a warning from a ‘Cyber Police’ division, demanding the user pay a fine for unspecified crimes.
Interestingly, the Fusob ransomware will not run if it discovers that the device’s language is from eastern Europe, such as Bulgarian, Hungarian, Armenian and Russian, giving a strong clue as to where these attacks originate.
Kaspersky also warned that the rapid evolution of mobile ransomware makes it highly likely that it will start to appear on other forms of connected device.
“These could be devices like smart watches, smart TVs, and other smart products including home and in-car entertainment systems," the firm said.
"There are a few proof-of-concepts for some of these devices, and the appearance of actual malware targeting smart devices is only a question of time."
Ultra-high-end all-in-one PCs from HP feature either 24-inch or 27-inch displays
Roomba 'smart' vacuum cleaner company iRobot plans to sell maps of users' homes to Apple, Amazon and Google
'Smart' products spying on their owners and selling the data for profit? Who'd have thought it!
TNT Express still struggling with NotPetya malware - crucial documents remain locked up in borked systems as staff grapple with manual procedures
TNT depots over-flowing with parcels as the company struggles to recover from NotPetya - while Reckitt Benckiser reports 'ongoing' recovery
Full roll-out of Android O expected within weeks