Trend Micro sees that the number of Ransomware threats, which remotely locks mobile devices, is increasing on Android phones.
This article shows the best practice to prevent Ransomware infection on mobile devices.
Majority of Mobile threats targets Android devices.
Major Ransomware types in Mobile Devices
Mobile Ransomware Infection Vector
- Third-party app store
- The most common infection vector is downloading ransomware-infected apps from third party app stores.
- No ransomware-infected app has been found in the official Google Play and Apple App store yet.
- Social Network
- Text messages with malicious links may trigger users to open the link and download a Ransomware unknowingly.
Trend Micro solutions for Ransomware in Mobile
Trend Micro’s Mobile Protection products contain key technologies to protect against ransomware.
MARS is a cloud-based technology that automatically identifies mobile threats based on app behaviour. Any newly installed application will be scanned by MARS to check if it is a Ransomware. MARS can also perform the following:
- Crawls and collects a huge number of Android and iOS apps from various markets
- Identifies existing and brand new mobile malware
- Identifies apps that may abuse privacy and device resources
- App repack and vulnerability assessment
WRS and URL Filtering are services that checks the URLs being accessed and blocks those that are unsafe. These services also do the following:
- URL Categorizations grant URL Category type to each URL, identifying Ransomware
- Block malicious URL before virus patterns release
- URL Reputation Scoring grants WRS Score to each URL
- Stop users from visiting or downloading from malicious URLs
Unlocking a device from a Screen Locker
The device can be unlocked by booting it to safe mode, then removing the application that locks the device. For additional information, check this article: Removing lock-screen type ransomware using Safe Mode on Android.