Tech News: Mobile malware threatens more devices in the Philippines


Mobile ransomware is becoming a serious threat in the Philippines. Devices of about three out of 10 Filipinos were infected with malicious software in the first quarter of 2017, based on the Malware Report for Q1 released by Kaspersky Security Network (KSN).

In the report, the country was at No. 8 in the list of countries with the highest volume of mobile malware attacks for the three-month period. Almost 28% of unique smartphone/tablet users in the country were reportedly attacked. That accounted for a six-point jump from 21.67% in the third quarter of 2016. The percentage is relative to users of Kaspersky Lab’s mobile security products nationwide.

Here are rankings of countries with highest percentage of users attacked by mobile malware globally from January to March:

1. Iran – 47.35%
2. Bangladesh – 36.25%
3. Indonesia – 32%
4. China – 32%
5. Nepal – 29.90%
6. India – 29.09%
7. Algeria – 28.64%
8. Philippines – 27.98%
9. Nigeria – 27.81%
10. Ghana – 25.85%

The geography of attempted mobile malware infections in Q1 2017 (percentage of all users attacked)

Despite not being in the Top 10, the U.S. was the country that was hit the hardest by mobile ransomware in first quarter. Svpeng ransomware was the most widespread threat across the country’s 50 states.

On the other hand, the safest countries in terms of mobile security threats were Finland (2.7%), Georgia (2.5%), and Japan (1.5%).


Global scale of the problem
The report also indicated that globally, the volume of mobile ransomware rose 3.5 times in the first quarter. Detected mobile ransomware files reached 218,625 during the period, compared to 61,832 in the fourth quarter of 2016.

Congur ransomware family accounted for over 86% of those infections. The mobile malware is a blocker that sets or resets the infected device’s passcode or PIN, giving the attackers the administrator rights. In some variants of the malware, those rights extend to installation of module into the device’s system folder, making it almost impossible to be removed.

Trojan-Ransom.AndroidOS.Fusob.h accounted for about 45% of mobile attacks in the quarter. Once this threat is run, it requests administrator privileges, collects information about the device (including GPS coordinates and call history), and uploads gathered data to a malicious server. Consequently, there is the possibility that the server may send back a command that can block the compromised smartphone/tablet.

“The mobile treat landscape for ransomware was far from calm in Q1,” said Roman Unuchek, Senior Malware Analyst at Kaspersky Lab. “Ransomware targeting mobile devices soared, with new ransomware families and modifications continuing to proliferate. People need to bear in mind that attackers can—and increasingly will—try to block access to their data not only on a PC but also on their mobile device.”


How to avoid mobile malware infection
Kaspersky has shared simple recommendations that can help lower the risk of devices being infected by mobile malware. First, a user has to install robust security solutions, which should be kept updated at all times. Second, it would help to regularly run a system scan to monitor possible malware infection.

When logging online, avoid disclosing personal information into any suspicious or unfamiliar website. Lastly, always back up valuable information to safeguard it in case the system gets compromised by a malware.

Visit No More Ransom for more information and advice on how to deal with ransomware problems.