Woburn, MA – June 26, 2017 - Mobile ransomware actors are focusing their attacks on wealthy countries, according to the annual ransomware report from Kaspersky Lab. The report from April 2016 to March 2017, shows the United States was the country with the highest percentage of mobile users attacked with mobile ransomware, followed by Canada, Germany and the U.K.
Mobile ransomware activity skyrocketed in the first quarter of 2017 with 218,625 mobile Trojan-Ransomware installation packages, which is 3.5 times more than in the previous quarter. Despite a small reprieve, the mobile threat landscape is still arousing anxiety, as criminals target nations with developed financial and payment infrastructures. Developed markets not only have a higher level of income, but also more advanced and widely used mobile and e-payment systems that can be easily compromised.
The rise in attacks on the United States occurred largely due to the Svpeng and Fusob malware families. While Svpeng mainly targets America, Fusob initially focused on Germany, but since Q1 2017 targeted the U.S. more with 28 percent of its attacks.
In the period of 2015-2016, Germany was the country with the highest percentage of mobile users attacked with mobile ransomware (almost 23%), as a proportion of users attacked with any kind of mobile malware. It’s followed by Canada (almost 20%), the U.K. and the U.S., exceeding 15 percent.
This changed in 2016-2017 with the U.S. shifting from fourth to first position (almost 19%). Canada and Germany retained their top-three ranking with almost 19 percent and over 15 percent respectively, leaving the U.K. ranked fourth place with more than 13 percent. “These geographical changes in the mobile ransomware landscape could be a sign of the trend to spread attacks to rich, unprepared, vulnerable or yet unreached regions. This obviously means that users, especially in these countries, should be extremely cautious when surfing the web,” said Roman Unuchek, security expert at Kaspersky Lab.
Other key findings from the mobile ransomware report include:
To reduce the risk of infection, users are advised to:
Kaspersky Lab has continued its tradition of reporting on ransomware threats with its second annual study into the issue. The report covers the full two-year period, which, for comparison reasons, was divided into two parts of 12 months each: from April 2015 to March 2016 and from April 2016 to March 2017. Read the full version of the Kaspersky Lab’s Malware Report on Securelist.com.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company celebrating its 20 year anniversary in 2017. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
For the latest in-depth information on security threat issues and trends, please visit:
Follow @Securelist on Twitter
Follow @Threatpost on Twitter