Cyber security firm F-Secure has come out with a new research that reveals a growth in extortion malware. According to the firm, SMS message sending trojans and ransomware attacks on Mobile Wallets and Virtual currencies have grown in the H2, 2014. The report further says the threat is equally posed to Andorid and iOS platforms as the experienced malwares have tried to attack the banking applications and mobile wallets in H2, 2014.
Amit Nath, Country Manager, F-secure (India & SAARC) commented that, “There’s a lot at stake when it comes to your information being stored in a banking application or mobile wallets. Virtual currencies have also been witnessed under threat. Its time you become cautious and protect what’s irreplaceable.” TROJAN:ANDROID/SVPENG has been found spreading via SMS messages. This banking Trojan displays a phishing page when the user launches their banking app to phish for account login details. Variants also act as ransomware, blocking the device and demanding payment of a “fine” for alleged criminal activity. Also reported by security researchers in the second half of 2014, LOCKSCREEN & SCAREPACKAGE are the two ransom-trojans that used ‘police-themed’ notifications to scare the user into paying a “fine” for supposed illegal activity. Both threats are detected by F-Secure as variants of the Koler or Slocker families.
Since their debut in the first half of 2014, the Koler and Slocker ransom families have grown rapidly as their authors create new variants.These families are now the most prevalent Android ransomware reported in the detection statistics from our product users. Pirated apps containing Wirelurker are offered on third-party app sites for OS X machines. iOS devices connected via USB to the infected machine have apps downloaded onto them. Apple subsequently blocked Wirelurker-tainted apps in its store.
“I strongly believe that attacker attribution is one of the most important things an organization can do to protect itself. That is, figuring out who is out to get you. This is not as straightforward as it might seem — different kinds of organizations are targeted by different kinds of attackers. And we have no hope of defending ourselves if we don’t understand who the attackers are. The various attackers have different motives; they use different techniques and they pick different targets. Different attacks require organizations to implement different safeguards. Protecting data and credit card numbers from online criminals is completely different from protecting a network against a distributed denial-of-service attack launched by a hacktivist gang,” says Mikko Hypponen Chief Research Officer F-Secure. You can check out full Threat Report here.