How Android ransomware works and how to defend yourself

Ransomware for Android smartphones can't encrypt phone data for the moment however they make it impossible to use

When we talk about ransomware many users immediately think of ransomware viruses designed to target our home computers or business devices. However, these malware threats are also affecting Android smartphones with increasing frequency.

Ransomware being one of the most profitable malware for hackers, it is normal that they are trying to widen the scope of their victims. At first, cyber criminals hit companies but now they are expanding their sights on users who own an Android phone. According to initial research by cybersecurity experts, ransomware viruses designed for the little robot devices generated more than $1 billion in revenue for hackers in 2016 alone. And the numbers are growing in 2017.

Android ransomware numbers

In the first quarter of 2017, cybersecurity studies reported a 300% increase for Android ransomware. And the revenue made from paying file ransoms only fuels and grows this illegal business.

How Android ransomware works

Because of the limited access an application has within the Android operating system, most ransomware for Google OS merely displays an image that you cannot remove. This page reminds the user to pay the ransom in order to succeed in removing the lock that prevents you from performing any action on your smartphone. Usually the required ransom is minimal, ranging from a few tens of dollars up to a maximum of 200. Android ransomware, for now, still fails to encrypt the device's files, but prevents us from using it. In fact, these malware can really damage our files, especially if we try to perform a factory reset to remove the threat without paying for it. The malicious code in this case would attach itself to the microSD card inserted in the phone to damage music, photos and videos forever. Some more advanced Android ransomware variants can even acquire administrator privileges and change our PIN. Most Android ransomware is a persistent virus and thus difficult to get rid of with a simple antivirus.

How to defend yourself

Like most Android malware, little robot ransomware spreads by exploiting malicious apps. In order to defend ourselves, we need to download only verified apps from official and trusted sources and developers. To easily recognize these malicious apps we can install a mobile antivirus that scans the program before starting the download.