- Apr 21, 2016
- 4,370
Getting infected with Android ransomware is unlikely, Google says. In fact, you're more likely to get hit by lightning twice than to get infected.
Of course, that may not seem like it's the case with all the infected apps that get reported after managing to make their way into the Play Store, but it seems to be the actual truth.
"Since 2015, less than 0.00001 percent of installations from Google Play, and less than .01 percent of installations from sources other than Google Play, were categorized as ransomware," reads the report signed by Jason Woloz, senior program manager with the Android security team.
As you know, ransomware is a type of app that restricts people's access to the device until victims pay a sum of money, most often than not in Bitcoin. They're usually present in apps that restrict device access and demand payment, or apps that encrypt data on the external storage of the device and demands payment to decrypt it all. As Woloz points out, criminals often pose as law enforcement and accuse users of doing something illegal, so they're more likely to pay.
The Android security chief also hgihlights that Google has been doing a lot to protect users. On top of the Verify Apps feature which analyzes apps before they are installed, Google also deploys Application Sandboxing, which is a technology that forces apps to operate independently of others. Basically, sandboxes require apps to mutually consent to sharing data, which limits ransomware's ability to access sensitive information.
Android 7.0 Nougat comes with some extra defenses against ransomware, Woloz says. For instance, apps can no longer see which other apps are active, which means that if an app infected with ransomware flies under Google's radar and you install it, it can't see what other apps are doing.
Additionally, if you set a lockscreen PIN prior to installing ransomware, the infected app can't misuse your device's permissions to change your PIN to lock you out, effectively canceling the effects one of the major categories of ransomware apps.
Easier to prevent, than fix
While Google and the Android team have done quite a bit to make users safe, there are, of course, things that users must also do to protect themselves. One of those things is to only download apps from trusty sources, like Google Play.
Another is to make sure that Verify Apps is enabled and to make sure you always install the latest security updates. Backing up your device is also a good idea.
Lastly, reading reviews and other information about apps before installing is also a good idea before downloading.
Read more: Google: Android Ransomware Affects Less than 0.0001% of Official Installations
Of course, that may not seem like it's the case with all the infected apps that get reported after managing to make their way into the Play Store, but it seems to be the actual truth.
"Since 2015, less than 0.00001 percent of installations from Google Play, and less than .01 percent of installations from sources other than Google Play, were categorized as ransomware," reads the report signed by Jason Woloz, senior program manager with the Android security team.
As you know, ransomware is a type of app that restricts people's access to the device until victims pay a sum of money, most often than not in Bitcoin. They're usually present in apps that restrict device access and demand payment, or apps that encrypt data on the external storage of the device and demands payment to decrypt it all. As Woloz points out, criminals often pose as law enforcement and accuse users of doing something illegal, so they're more likely to pay.
The Android security chief also hgihlights that Google has been doing a lot to protect users. On top of the Verify Apps feature which analyzes apps before they are installed, Google also deploys Application Sandboxing, which is a technology that forces apps to operate independently of others. Basically, sandboxes require apps to mutually consent to sharing data, which limits ransomware's ability to access sensitive information.
Android 7.0 Nougat comes with some extra defenses against ransomware, Woloz says. For instance, apps can no longer see which other apps are active, which means that if an app infected with ransomware flies under Google's radar and you install it, it can't see what other apps are doing.
Additionally, if you set a lockscreen PIN prior to installing ransomware, the infected app can't misuse your device's permissions to change your PIN to lock you out, effectively canceling the effects one of the major categories of ransomware apps.
Easier to prevent, than fix
While Google and the Android team have done quite a bit to make users safe, there are, of course, things that users must also do to protect themselves. One of those things is to only download apps from trusty sources, like Google Play.
Another is to make sure that Verify Apps is enabled and to make sure you always install the latest security updates. Backing up your device is also a good idea.
Lastly, reading reviews and other information about apps before installing is also a good idea before downloading.
Read more: Google: Android Ransomware Affects Less than 0.0001% of Official Installations