Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Mobile Ransomware: Prevention and Best practice

    • Updated:
    • 3 Jul 2019
    • Product/Version:
    • Mobile Security For Enterprise
    • Platform:
    • Android All

Trend Micro sees that the number of Ransomware threats, which remotely locks mobile devices, is increasing on Android phones.

This article shows the best practice to prevent Ransomware infection on mobile devices.


Majority of Mobile threats targets Android devices.

Major Ransomware types in Mobile Devices

Mobile Ransomware

Mobile Ransomware Infection Vector

  • Third-party app store
    • The most common infection vector is downloading ransomware-infected apps from third party app stores.
    • No ransomware-infected app has been found in the official Google Play and Apple App store yet.
  • Social Network
    • Text messages with malicious links may trigger users to open the link and download a Ransomware unknowingly.

Trend Micro solutions for Ransomware in Mobile

Trend Micro’s Mobile Protection products contain key technologies to protect against ransomware.

MARS is a cloud-based technology that automatically identifies mobile threats based on app behaviour. Any newly installed application will be scanned by MARS to check if it is a Ransomware. MARS can also perform the following:

  • Crawls and collects a huge number of Android and iOS apps from various markets
  • Identifies existing and brand new mobile malware
  • Identifies apps that may abuse privacy and device resources
  • App repack and vulnerability assessment

WRS and URL Filtering are services that checks the URLs being accessed and blocks those that are unsafe. These services also do the following:

  • URL Categorizations grant URL Category type to each URL, identifying Ransomware
  • Block malicious URL before virus patterns release
  • URL Reputation Scoring grants WRS Score to each URL
  • Stop users from visiting or downloading from malicious URLs

Unlocking a device from a Screen Locker

The device can be unlocked by booting it to safe mode, then removing the application that locks the device. For additional information, check this article: Removing lock-screen type ransomware using Safe Mode on Android.

Solution Id:
Did this article help you?

Thank you for your feedback!

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.