Tag Archive for: Scareware

Understanding Android Malware Families: ransomware and scareware (Article 3)


Ransomware is malicious software used by individuals to encrypt documents on computers or digital devices. 

How they work

Perpetrators demand a ransom from the owner of a device in exchange for access to the victim’s documents. Once in, criminals install ransomware on the victim’s mobile phone or computer. When the owner clicks on a malicious link in an email, text message or website, their documents are automatically locked (otherwise known as a crypto locker).


On the other hand, scareware is malicious software that criminals convince users to purchase or download. Bad actors coax victims into believing that their device may be harmed if they don’t download or buy the malicious software. Scareware is often initiated through pop-up advertising and relies on social engineering tactics to coax users into installing fake anti-virus software.

Here, we’ve analyzed and provided results for several ransomware and scareware families. 

The malicious behaviour of ransomware and scareware families

Common ransomware activities include sending text messages, enabling GPS, browsing the Internet and clicking on compromised pop-up advertisements. Additionally, ransomware families can set a four-digit PIN to lock the smartphone and save images, documents, and videos in both the compromised device’s external and internal storage. In the worst scenario, they can disable the SIM card on the victim’s device.

Ransomware vs Scareware

All the ransomware families collect sensitive data from mobile phones and interact with hardware settings to fetch which Android operating system version is installed on a device. All except Fusob and Jisut browse the Internet to download malicious files on compromised devices. Additionally, the Congur and SmsSpy families communicate via a command-and-control server.

Looking into scareware families, Avpass is the only family that interacts with anti-virus solutions installed on a device. All the scareware families browse the Internet to display pop-up advertisements and…


Prison for man who assisted scareware scheme that targeted newspaper website


A man wanted for his part in a lucrative criminal operation that spread scareware via the Minnesota Star Tribune website, who spent years on the run from the FBI, has finally been sent to prison.

Read more in my article on the Tripwire State of Security blog.

Graham Cluley

Fourth-oldest dot-com domain now relegated to serving up scareware at $400 a victim

Do not click on mcc … oh, wait, let’s not even create a link here, lest someone be tempted. Do not go there.

Founded in 1982, the Microelectronics and Computer Technology Corporation (safe Wikipedia link) was this country’s first computer research and development consortium. It was also the fourth organization of any kind to register a dot-com domain name, having done so nearly 30 years ago on July 11, 1985. MCC researched and developed until the year 2000.


Network World Paul McNamara

Mobile Threat Monday: Scareware Comes To Android And An SMS-Stealing App – PC Magazine

Most Android security apps include web protection, which will block flagged URLs. However, because this scam doesn't actually involve malicious applications, these apps are powerless to prevent the ads from appearing in the apps. As always: be