Ransomware Goes Mobile

The dominance of mobile devices has given hackers a growing market to chase after, with many of the same tools they’ve previously used to target personal computers—tools like ransomware.

Ransomware is a type of malicious software that either locks you out of your device, and/or holds your data hostage, until you pay a ransom fee. There are a few variations of ransomware—from popup messages in your browser that take control of your screen to programs that encrypt your data and hold the key to decrypting it hostage—but it has largely been confined to personal computers until now.

A new type of mobile ransomware, named Android.Trojan.Koler.A (Koler for short), is making an unwelcomed appearance and targeting Android users. Believed to be the work of the gang responsible for the Revetol / Icepol Trojan, Koler goes after mobile users viewing pornography on their Android devices. It tries to scare its victims into paying the $300 ransom by claiming the victim has viewed “illegal pornography” and posts a warning message from a bogus law enforcement agency (the agency in question changes depending on which country you’re in).

While this type of ransomware sounds scary and can certainly spread beyond its targeted demographic, there are a few things going against Koler. For one, Koler can’t be found and unwittingly downloaded from an app store (and hopefully never will be), which cuts the risk factor of infection down significantly. The malicious software, or malware, also needs to be purposefully installed by the user. That means that it has to trick a user into downloading the malware onto their device, usually done by prompting them to download a “premium video player” or other extra feature. Additionally, Koler can actually be easily removed—the key is to remain calm and not fall for the ploy.

Most likely, Koler in its current form probably won’t be responsible for locking you out of your mobile devices. However, it will most likely serve as a prototype for more advanced mobile ransomware variations in the future. As more people come to depend on their mobile devices, more hackers will be attracted to exploit other people’s property. With these risks in mind, it’s important to practice good security on all of your devices—no matter what sites you look at.

  • Be careful where you browse. There is a lot of nastiness on the Internet, so knowing what sites put you most at risk is crucial to staying safe. As I’ve mentioned before, it isn’t just pornographic sites (or nasty apps) you have to worry about, as dangerous content, more often than not, masquerades as something far more innocuous.
  • Don’t download apps from third parties. Downloading unapproved apps on your mobile device will always be risky business. Third-party apps aren’t in major app stores for a reason—most likely because they’re either unsecure or malicious. If you absolutely have to download from a third-party, make sure to do some research on the app in question beforehand.
  • Install security software on all mobile devices. Malicious websites and apps are not going away. So, today, security that helps protect your privacy and identity is a must. That means installing security software on all of your devices. Some software, like McAfee® Mobile Security, is free for both Android and iOS.

The Android version of McAfee Mobile Security provides a comprehensive safeguard against dangerous apps before they can harm your device or personal data. It includes McAfee® SiteAdvisor®, which shows a warning message if you navigate to a potentially dangerous website, or click on a malicious link in a text, email, QR code or social networking post.




FacebookLinkedInTwitterEmailCopy Link

Stay Updated

Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.


More from Mobile Security

Back to top