Kaspersky Lab has revealed that mobile ransomware attacks increased fourfold in 2015-2016 compared to the previous 12 months, with only four malware groups responsible for the majority of attacks.
The research firm explained the Small, Fusob, Pletor and Svpeng families carried out more than 90 per cent of malware-based attacks on Android smartphones.
Ransomware has become the fastest growing form of Android-based attack, increasing to 4.63 per cent of the total number of threats in the last 12 months, whereas in 2014-2015, it accounted for just 2.4 per cent. Although the number of computers targeted in crypto-ransomware attacks - where files on the infected machine are encrypted by the malware - has increased substantially, screen blocker-based threats have reduced. Android, however, seems to be attracting more criminals using the screen blocker technique because Android-based devices cannot resist such hacks using external hardware in the way that PCs can.
Kaspersky Lab is now predicting that other devices will be affected by such attacks, especially those that operate on Android-based systems.
"The extortion model is here to stay. Mobile ransomware emerged as a follow-up to PC ransomware and it is likely that it will be followed-up with malware targeting devices that are very different to a PC or a smartphone," Roman Unuchek, mobile security expert at Kaspersky Lab, said.
"These could be connected devices like smart watches, smart TVs, and other smart products including home and in-car entertainment systems. There are a few proof-of-concepts for some of these devices, and the appearance of actual malware targeting smart devices is only a question of time."
The countries worst affected by ransomware were Germany, Canada, the United Kingdom and the United States, the report revealed.
-
UK to host largest European GPU cluster under £11 billion Nvidia investment plansNews Nvidia says the UK will host Europe’s largest GPU cluster, totaling 120,000 Blackwell GPUs by the end of 2026, in a major boost for the country’s sovereign compute capacity.
-
Jensen Huang says AI will make us busier – so what’s the point?Opinion So much for efficiency gains and focusing on the more “rewarding” aspects of your job
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacksNews The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
-
Security researchers have just identified what could be the first ‘AI-powered’ ransomware strain – and it uses OpenAI’s gpt-oss-20b modelNews Using OpenAI's gpt-oss:20b model, ‘PromptLock’ generates malicious Lua scripts via the Ollama API.
-
Data I/O shuts down systems in wake of ransomware attack
News Regulatory filings by Data I/O suggest the costs of dealing with the attack could be significant
-
Average ransom payment doubles in a single quarterNews Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
-
BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new groupNews The notorious gang has seen its servers taken down and bitcoin seized, but may have morphed into a new group called Chaos
