The end of the year is near, and it’s time for some (scary) annual reports on cybercrime. Let’s see what the numbers are showing in terms of mobile security.
As it turns out, mobile ransomware has turned into the most popular mobile threat. In fact, it is as dangerous as computer ransomware. Blue Coat has just released an annual paper on the matter. Blue Coat’s report has focused on the top threats that affect mobile devices. It’s not surprising that mobile malware is rising, as we’ve become very dependent on our phones and store lots of valuable information on them. Information leakage is a great threat concern as well, along with potentially unwanted software (PUS).
Who are the guys at Blue Coat and what are they doing?
Blue Coat is a leading company in enterprise security, providing on-premise, hybrid and cloud-based solutions for protecting web connectivity, combating advanced threats, and responding to security breaches. (from their official website)
2015 vs 2014
According to many security sources, the prime infection source in 2014 was through mobile advertisements. Back then, bad mobile ads had an infection rate of almost 20%. In 2015 things have changed. The most threatening actors are pornography applications and websites, leading the notorious rankings with 36.13% of infections. In comparison, in 2013 porn malware had a share of 20%.
According to Blue Coat, many pornography applications are employed to bundle Trojan components in their code. By downloading a compromised app or visiting a porn page, the user is infecting his mobile device and compromising all the information stored on it.
Mobile Ransomware on the Rise
Few years ago, mobile ransomware hadn’t evolved to the point of being a prevalent mobile threat. In 2015, however, it has turned to be the most popular mobile infection. The uptake is most likely due to the fact that ‘desktop ransomware’ (Cryptowall, CryptoLocker, etc) has proven to be unbeatable and has generated enormous income for its authors.
According to Blue Coat, the last few months especially have seen an uptake in ransomware infections on mobile phones. Even if earlier forms of mobile ransomware were quite easy to remove, the latest versions are not. Security researchers have closely observed this type of mobile threat. Gathered data leads to several conclusions:
- Mobile ransomware also has file encrypting capabilities.
- Mobile ransomware can connect to command & control servers.
- Mobile ransomware may act as a rootkit and can be very persistent.
- Mobile ransomware lockscreens have become harder to remove.
Other Similarities with PC Ransomware
For starters, recent mobile ransomware pieces have been using Tor. Just imagine what the numbers will be in 2016, if ransomware, mobile porn apps, and the Tor network continue their ‘collaboration’.
Using Tor for malicious mobile operations is not that surprising. After all, Tor gives hackers anonymity by obscuring their real destination of the ransom payment. What usually happens is that the victim of a mobile ransomware usually runs out of time before ‘getting up to speed on the intricacies of Tor’, as researchers at Blue Coat point out. As a result, the deadline to pay clicks away and the victim’s files are gone for good.
Researchers at Blue Point have also created an illustrative infographic on mobile malware – parts of it are published in our article. Click on the link to see its full version.
My Phone Was Just Infected with Ransomware. What Should I Do?
In case your Android mobile device has fallen victim to a form of vicious ransomware, you can refer to our article just below. There, we have explained what to do to rid your device from the unwelcome presence:
Remove Mobile Ransomware from My Android Device – Android/Lockerpin.A Ransomware
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me:
- Guide 1: How to Remove from Windows.
- Guide 2: Get rid of on Mac OS X.
- Guide 3: Remove in Google Chrome.
- Guide 4: Erase from Mozilla Firefox.
- Guide 5: Uninstall from Microsoft Edge.
- Guide 6: Remove from Safari.
- Guide 7: Eliminate from Internet Explorer.
- Guide 8: Disable Push Notifications in Your Browsers.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
How to Remove from Windows.
Step 1: Boot Your PC In Safe Mode to isolate and remove
Step 2: Uninstall and related software from Windows
Here is a method in few easy steps that should be able to uninstall most programs. No matter if you are using Windows 10, 8, 7, Vista or XP, those steps will get the job done. Dragging the program or its folder to the recycle bin can be a very bad decision. If you do that, bits and pieces of the program are left behind, and that can lead to unstable work of your PC, errors with the file type associations and other unpleasant activities. The proper way to get a program off your computer is to Uninstall it. To do that:
Follow the instructions above and you will successfully uninstall most programs.
Step 3: Clean any registries, created by on your computer.
The usually targeted registries of Windows machines are the following:
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
You can access them by opening the Windows registry editor and deleting any values, created by there. This can happen by following the steps underneath:
Tip: To find a virus-created value, you can right-click on it and click "Modify" to see which file it is set to run. If this is the virus file location, remove the value.
Before starting "Step 4", please boot back into Normal mode, in case you are currently in Safe Mode.
This will enable you to install and use SpyHunter 5 successfully.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Get rid of from Mac OS X.
Step 1: Uninstall and remove related files and objects
1. Hit the ⇧+⌘+U keys to open Utilities. Another way is to click on “Go” and then click “Utilities”, like the image below shows:
- Go to Finder.
- In the search bar type the name of the app that you want to remove.
- Above the search bar change the two drop down menus to “System Files” and “Are Included” so that you can see all of the files associated with the application you want to remove. Bear in mind that some of the files may not be related to the app so be very careful which files you delete.
- If all of the files are related, hold the ⌘+A buttons to select them and then drive them to “Trash”.
In case you cannot remove via Step 1 above:
In case you cannot find the virus files and objects in your Applications or other places we have shown above, you can manually look for them in the Libraries of your Mac. But before doing this, please read the disclaimer below:
You can repeat the same procedure with the following other Library directories:
→ ~/Library/LaunchAgents
/Library/LaunchDaemons
Tip: ~ is there on purpose, because it leads to more LaunchAgents.
Step 2: Scan for and remove files from your Mac
When you are facing problems on your Mac as a result of unwanted scripts and programs such as , the recommended way of eliminating the threat is by using an anti-malware program. SpyHunter for Mac offers advanced security features along with other modules that will improve your Mac’s security and protect it in the future.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Remove from Google Chrome.
Step 1: Start Google Chrome and open the drop menu
Step 2: Move the cursor over "Tools" and then from the extended menu choose "Extensions"
Step 3: From the opened "Extensions" menu locate the unwanted extension and click on its "Remove" button.
Step 4: After the extension is removed, restart Google Chrome by closing it from the red "X" button at the top right corner and start it again.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Erase from Mozilla Firefox.
Step 1: Start Mozilla Firefox. Open the menu window
Step 2: Select the "Add-ons" icon from the menu.
Step 3: Select the unwanted extension and click "Remove"
Step 4: After the extension is removed, restart Mozilla Firefox by closing it from the red "X" button at the top right corner and start it again.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Uninstall from Microsoft Edge.
Step 1: Start Edge browser.
Step 2: Open the drop menu by clicking on the icon at the top right corner.
Step 3: From the drop menu select "Extensions".
Step 4: Choose the suspected malicious extension you want to remove and then click on the gear icon.
Step 5: Remove the malicious extension by scrolling down and then clicking on Uninstall.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Remove from Safari.
Step 1: Start the Safari app.
Step 2: After hovering your mouse cursor to the top of the screen, click on the Safari text to open its drop down menu.
Step 3: From the menu, click on "Preferences".
Step 4: After that, select the 'Extensions' Tab.
Step 5: Click once on the extension you want to remove.
Step 6: Click 'Uninstall'.
A pop-up window will appear asking for confirmation to uninstall the extension. Select 'Uninstall' again, and the will be removed.
Windows Mac OS X Google Chrome Mozilla Firefox Microsoft Edge Safari Internet Explorer Stop Push Pop-ups
Eliminate from Internet Explorer.
Step 1: Start Internet Explorer.
Step 2: Click on the gear icon labeled 'Tools' to open the drop menu and select 'Manage Add-ons'
Step 3: In the 'Manage Add-ons' window.
Step 4: Select the extension you want to remove and then click 'Disable'. A pop-up window will appear to inform you that you are about to disable the selected extension, and some more add-ons might be disabled as well. Leave all the boxes checked, and click 'Disable'.
Step 5: After the unwanted extension has been removed, restart Internet Explorer by closing it from the red 'X' button located at the top right corner and start it again.
Remove Push Notifications caused by from Your Browsers.
Turn Off Push Notifications from Google Chrome
To disable any Push Notices from Google Chrome browser, please follow the steps below:
Step 1: Go to Settings in Chrome.
Step 2: In Settings, select “Advanced Settings”:
Step 3: Click “Content Settings”:
Step 4: Open “Notifications”:
Step 5: Click the three dots and choose Block, Edit or Remove options:
Remove Push Notifications on Firefox
Step 1: Go to Firefox Options.
Step 2: Go to “Settings”, type “notifications” in the search bar and click "Settings":
Step 3: Click “Remove” on any site you wish notifications gone and click “Save Changes”
Stop Push Notifications on Opera
Step 1: In Opera, press ALT+P to go to Settings
Step 2: In Setting search, type “Content” to go to Content Settings.
Step 3: Open Notifications:
Step 4: Do the same as you did with Google Chrome (explained below):
Eliminate Push Notifications on Safari
Step 1: Open Safari Preferences.
Step 2: Choose the domain from where you like push pop-ups gone and change to "Deny" from "Allow".
