Privacy News Svpeng Behind a Spike in Mobile Ransomware

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
...quotes from the article:

The sting of mobile ransomware grew more painful in 2017 with attacks increasing a whopping 3.5 times in the first quarter compared to the same time a year ago. Behind those attacks were a quarter million Trojan installation packages targeting Android devices that sought to extort between $100 to $500 from victims.

German smartphone users have been targeted the most, however United States users are rapidly becoming attractive targets, according to a report released Monday by Kaspersky Lab titled Ransomware in 2016-2017.

Unlike PC-based ransomware installed via exploit kits and booby-trapped email attachments, mobile ransomware was chiefly distributed via malicious mobile app downloads of fake mobile video players for viewing adult content or as part of a fake mobile Adobe Flash player download, researchers said.

“Mobile ransomware does not use any vulnerabilities in most cases,” said Roman Unuchek one of the report’s authors and senior malware analyst with Kaspersky Lab. He said purveyors of mobile malware depend on the gullibility of the user and on older Android OS versions. “With newer Android versions there are more security features, so ransomware has to be more shifty on such devices,” he said.

In its analysis, Kaspersky Lab singled out two malware families, Svpeng and Fusob, as dominating the mobile ransomware space. It was the Fusob malware that made up the bulk of ransomware activity. Fusob typically tricks users by pretending to be a multimedia player, called xxxPlayer. Once downloaded, the ransomware blocks users from accessing the device until between $100 and $200 is paid.


he mobile malware Svpeng was identified in 2013 by Kaspersky Lab as a banking Trojan. Since then it has been modified with ransomware capabilities a number of times. Past social engineering campaigns have been SMS-based and tricked users into downloading the malware. Once installed, Svpeng displays a screen that pretends to be a scanning program. Upon completion it displays a fake FBI penalty notification for downloading “illegal” content. A ransom of about $200 is demanded to unlock the device.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top