The move to mobile ransomware is a “logical” one, but will not be as effective as what is hitting PCs.
Speaking to IT Security Guru, Michael Sutton, vice president of security research at Zscaler, said that as campaigns such as CryptoLocker have been so successful, it was logical that the ransomware threat moves to mobile devices.
This week, Robert Lipovsky, malware researcher at ESET, wrote in a blog about Simplocker which affects Android devices and uses images to scare the user with a picture of them and AES encryption.
However Sutton said that it will be harder for attackers to use mobile as a vector as ransomware does not encrypt the phone, only the SD card, so it is less of an impact to the user. “There is also an advantage that it is easy to backup a mobile device, and it is not as much of a headache as if a PC is hit,” he said.
Lipovsky reported that the Simplocker threat is mostly concentrated in Ukraine and Russia, but is spreading in the wild and can cause headaches for infected users.