Android ransomware has picked up some ominous new tricks
Though ransomware has been around for years, it poses an ever-increasing threat to hospitals, municipal governments, and basically any institution that can't tolerate downtime. But along with the various types of PC malware that are typically used in these attacks, there's another burgeoning platform for ransomware as well: Android phones. And new research from Microsoft shows that criminal hackers are investing time and resources in refining their mobile ransomware tools—a sign that their attacks are generating payouts.
Released on Thursday, the findings, which were detected using Microsoft Defender on mobile, look at a variant of a known Android ransomware family that has added some clever tricks. That includes a new ransom note delivery mechanism, improved techniques to avoid detection, and even a machine-learning component that could be used to fine-tune the attack for different victims' devices. While mobile ransomware has been around since at least 2014 and still isn't a ubiquitous threat, it could be poised to take a bigger leap.
"It's important for all users out there to be aware that ransomware is everywhere, and it's not just for your laptops but for any device that you use and connect to the Internet," says Tanmay Ganacharya, who leads the Microsoft Defender research team. "The effort that attackers put in to compromise a user's device—their intent is to profit from it. They go wherever they believe they can make the most money."