The data gathered by Kaspersky for period January till September 2019 showed Malaysia has climbed from 36th to 17th country with the most number of detected mobile ransomware Trojans. The installation packages for this type of threat blocked by Kaspersky revealed a 58% increase as compared to 2018.
The global cybersecurity company notes that ransomware is found not only on desktops, but also on mobile devices — and it is also on the rise there. The most widespread type of desktop ransomware is the cryptolocker, malware that encrypts your data and offers to restore it if you pay ransom.
Another type of ransomware, the blocker, blocks either browsers or operating systems from working and demands a ransom to return access. Blockers are the much more popular means to infect Android devices. On mobiles, they act simply by overlaying the interface of every app with their own, so a victim can’t use any application at all.
According to Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky, “More Malaysians are moving towards online banking now and we expect the adoption rate to increase tremendously in 2020, more so with the Budget 2020 where Malaysians will receive RM30 digital cash as a form for the government to push the e-wallet adoption in the country. With this, the mobile users in the country should start paying attention to securing their smartphones, beyond the physical protection, but the virtual world too.”
IDC shared that 10% Malaysian replaced their smartphones within a year, while 35% said will keep their smartphones for 3 years before upgrading. IDC Quarterly Mobile Phone Tracker listed both the top two brands of smartphones shipped worldwide were Android, followed by iOS on the third. Forrester Research also published that Android phones made up 74% of the market.
Android has an open source system, and the code is called ‘Android Open Source Project’, allowing the developers of Android apps to take the source code and create their own custome OS with it. This makes Android devices easier to ‘root’, involving to remove the manufacturer’s software restrictions and installing unauthorized apps, which translate to greater chance of vulnerabilities in the code on the phone.
“For hackers, it makes sense to write hacking code for a system that is not only easier to hack, but is also more widely used. There is a much wider base of user information to steal so most of mobile malware aimed at Android devices, due to their popularity. It is like the “Spray and Pray” method. Besides keeping the Android devices up to date with the manufacturers whom seldom push out the latest OS to the users, users should begin to start having security solution on their Android devices,” says Yeo.
The eSecurity Bulletin by CyberSecurity Malaysia advised that smartphones, like computers, also prone to malware infections such as virus, worm, trojan horse, rootkit, ransomware, keylogger, adware and spyware.
Kaspersky recently started its partnership with Digi Telecommunications Sdn Bhd (Digi) to offer the telco’s customers Kaspersky robust cybersecurity solution across multiple platforms. The Kaspersky Internet Security for Android starts from RM3 a month, which has primary features such as blocking suspicious apps, websites and files, stopping spyware monitoring calls, texts and location, anti-theft and others.
For EasyAdd by Digi, please visit https://easyadd.my/product/kaspersky.
How to protect yourself against mobile ransomware
Kaspersky shares simple tips to protect Android users against mobile ransomware:
- Install applications only from official shops such as Google Play. To be sure that no application makes its way onto your device from an untrusted source, go to Android settings, choose Security, and make sure that the “Unknown Sources” box is not checked.
- Regularly update your device’s firmware and its installed apps. You can choose to update apps automatically, but you still have to update the system manually — and it’s better to do that as soon as an over-the-air (OTA) update arrives.
- Install a strong security solution. Even if you’ve installed all possible updates and downloaded apps from official sources only, you haven’t eliminated the risk completely. Malware can lurk in Google Play and can also spread by means of exploit kits using yet-unknown vulnerabilities.
To avoid falling victim to mobile ransomware, we recommend using the full version of Kaspersky Internet Security for Android, because only that version constantly monitors what’s happening on your device and eliminates threats as soon as they emerge.
Note: Data compiled by Kaspersky was excluding countries with fewer than 25,000 active users of Kaspersky mobile solutions over the reporting period.