Mobile ransomware actors are focusing their attacks on wealthy countries. Developed markets not only have a higher level of income, but also a more advanced and more widely used mobile and e-payment infrastructure. According to Kaspersky Lab’s annual ransomware report for 2016-2017, this is appealing to criminals because it means they can transfer their ransom in just a couple of taps or clicks.
Kaspersky Lab has continued its tradition of reporting on ransomware threats with its second annual study into the issue. The report covers the full two-year period, which, for comparison reasons, has been divided into two parts of 12 months each: from April 2015 to March 2016 and from April 2016 to March 2017. We’ve chosen these particular timescales because they witnessed several significant changes in the ransomware threat landscape.
Mobile ransomware activity skyrocketed in the first quarter of 2017 with 218,625 mobile Trojan-Ransomware installation packages – 3.5 times more than in the previous quarter. Activity then fell to the average level of the observed two year period. Despite a small relief, the mobile threat landscape is still arousing anxiety, as criminals target nations with developed financial and payment infrastructures that can be easily compromised.
In the period of 2015-2016 Germany was the country with the highest percentage of mobile users attacked with mobile ransomware (almost 23%), as a proportion of users attacked with any kind of mobile malware. It was followed by Canada (almost 20%), the UK and the US – exceeding 15%.
This changed in 2016-2017 with the US shifting from fourth to first position (almost 19%). Canada and Germany retained their top-3 ranking with almost 19% and over 15% respectively, leaving the UK ranked fourth place with more than 13%.
The rise in the United States occurred largely due to attacks from the Svpeng and Fusob malware families, the first of which is mainly targeting America. As for Fusob, this malware family was initially focused on Germany, but since Q1 2017 America has topped its list of targets with 28% of attacks.
“These geographical changes in the mobile ransomware landscape could be a sign of the trend to spread attacks to rich, unprepared, vulnerable or yet unreached regions. This obviously means that users, especially in these countries, should be extremely cautious when surfing the web,” notes Roman Unuchek, security expert at Kaspersky Lab.
Other key findings from the KSN report-2017 include:
To reduce the risk of infection, users are advised to:
For help and advice on dealing with ransomware visit No More Ransom. Check out No Ransom to find the latest decryptors, ransomware removal tools, and information about ransomware protection.
Read the full version of the Kaspersky Lab’s Malware Report on Securelist.com.
We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.