Ransomware on Android: Digital Extortion Democratized

India is already vulnerable to ransomware attacks. With the attacks coming to mobile, the threat just grows manifold

Enterprises may be struggling to digitally transform themselves, but extortionists seem to have learnt the trick. Digital extortion—in the form of what is called ransomware—is now a real threat. And India is not isolated.


To the uninitiated, ransomware is a type of malware that blocks the access to a user’s system and asks for money (ransom) to allow the access again. Most of the traditional ransomware worked by fooling the user that it was a law enforcement agency such as FBI in the US and it was some sort of a fine. But new ones are more direct. Called crypto-ransomware, these malware hold a victim’s files, photos and other digital content hostage and ask for ransom without any pretention about their intention.


Security software maker Symantec, in its Internet Threat Report 2015, said that there is a sharp rise on ransomware attacks last year. The report said there were 8.8 million ransomware attacks in 2014, up 115% from 4.1 million such attacks the year before. The report also said that there was a huge upsurge (45 times more compared to 2013) in crypto-ransomware.


But till last year, most of the ransomware attacks happened on PCs running Windows, though Symantec ITR 2015 had observed the first mobile attack occurring in 2014. In 2015, that seems to have risen significantly. Security services firm zScaler has reported a series of apps on Android—mostly disguised as pornographic  content apps—to launch ransomware attack. It reported only last week that a new Android App, Adult Player, lures victims who assume it is a pornographic video player. When the victim starts using it, the app silently takes a photo of the victim, which is then displayed on the ransomware screen, along with the ransom message. The app demands a ransom of USD 500. The company had earlier reported about a similar Android App, Porn Droid, in May.


Much of India uses mobile. Increasingly, Internet is being accessed from mobile in India. And unlike in the US, most of India’s mobile phones run on Android—so far, the most vulnerable platform to ransomware.


It is not that India is new to the problem. Symantec itself reported last month that India ranks ninth globally—along with developed countries such as the US, Japan, Germany and Italy—and on top in Asia Pacific in terms of ransomware attacks. The average ransom, demanded in India, said the report, was USD 200 or around INR 13,000.


But with ransomware attack coming to Android, the digital extortion would be far more democratized and widespread in India. Many users in India work mostly on office-provided laptops so do not really get into adventurous stuff on their PCs. All that is reserved for mobile. With mobiles now vulnerable, the overall threat from ransomware to India is likely to grow manifold.


Next time you download a porn or quick money-app, be careful. Your phone may be held for ransom. 

Air Trainer Sc 2

Add new comment