UK a top target for Android ransomware, warns Kaspersky

Huge spike in ransomware attacks with Brits among the top targets

Brits are being targeted in a wave of ransomware attacks, according to data released by security software company Kaspersky Lab.

And while ransomware attacks are seen most commonly on desktop devices, attacks against Android mobile devices are also booming. Criminals use specific strains of malware to take over user devices and deny access to files and data until the ransom is paid, usually in untraceable bitcoin.

According to Kaspersky's research, mobile ransomware is starting to become more prevalent; indeed, the company revealed that it stopped 136,532 ransomware attacks between March 2015 and March 2016 based on metrics from its own tools on smartphones.

This was an almost four-fold increase on the 35,413 attacks in the previous 12 months. Kaspersky's figures follow-on from reports that attacks have been up five-fold during 2016 alone.

The increase also saw mobile ransomware take up an increasing share of all malware attacks stopped by Kaspersky, from 2.04 per cent in 2014-2015 to 4.63 per cent in 2015-2016.

"The growth curve may be less than that seen for PC ransomware, but it is still significant enough to confirm a worrying trend," the firm said.

Furthermore, Kaspersky's data showed that UK citizens are among the most likely to be targeted by mobile ransomware. Some 16 per cent of all mobile ransomware attacks strike users in the country.

Most at risk are those in Germany, at 22.9 per cent, followed by Canada at 19.61 per cent.

Kaspersky explained that citizens in developed countries are more likely to be hit by mobile ransomware, probably because of the advanced mobile-first culture in such nations.

"It is hard to say precisely why this is the case, but we can assume that in countries that feature at the top of the mobile ransomware list, mobile and e-payment infrastructure is much more developed and has deeper penetration than in countries at the bottom of the list or not on it at all," the firm said.

"Criminals like to get as close to their victim's money as possible, and attacking a user who can transfer the ransom in couple of taps or clicks is likely to have the most appeal."

One strain of mobile ransomware that is becoming increasingly common is Fusob, having been found in over 100 countries.

Fusob uses the classic ransomware tactic of purporting to be a warning from a ‘Cyber Police' division, demanding the user pay a fine for unspecified crimes.

Interestingly, the Fusob ransomware will not run if it discovers that the device's language is from eastern Europe, such as Bulgarian, Hungarian, Armenian and Russian, giving a strong clue as to where these attacks originate.

Kaspersky also warned that the rapid evolution of mobile ransomware makes it highly likely that it will start to appear on other forms of connected device.

"These could be devices like smart watches, smart TVs, and other smart products including home and in-car entertainment systems," the firm said.

"There are a few proof-of-concepts for some of these devices, and the appearance of actual malware targeting smart devices is only a question of time."