Ransomware is a type of malware that holds your data hostage. It has been a problem with computers for many years, but it’s only recently started showing up on mobile devices. When you activate the program or app, it blocks you from accessing the data on the device and displays a message demanding payment by untraceable methods like Bitcoin or MoneyPak.
How does it spread?
On mobile devices, ransomware usually spreads via email, from visiting malicious web sites that host pornography or installing pirated apps. Recently malware developers have gotten smarter. Some ransomware apps can now spread via text message. When a device is infected, the malicious app will send an SMS to everyone in the device’s contact list with a message tricking the recipients into clicking on a link. When the reader opens the link, they are directed to install the malware on their devices, thus repeating the process with a new round of victims.
What should you do if you do if your device is infected?
First of all, don’t pay the ransom. If you do send money all you’re doing is rewarding criminals, and there are no guarantees you’ll get your information back anyway.
Reboot the device into safe mode. Just like a computer, safe mode boots the Android device with just the bare minimum operating system. This prevents the malicious software from running at startup and allows you to remove it. The instructions on activating safe mode vary from device to device, so check the manual and the manufacturer’s web page for specific instructions.
Once you have access to the operating system, you can uninstall the malware or run an antivirus app that will remove it for you.
How do you prevent malware from attacking your Android device?
Do not click on any links you were not expecting in emails or text messages. If the message comes from someone you know, contact them before opening the link.
Make sure the “Unknown sources” check box is left blank. The option is usually disabled by default, but sometimes users enable it to install legitimate apps that are not available from Google. The location can vary, but it is usually found under Settings > Security. Disabling this option will prevent the device from installing apps from sources other than Google’s Play Store.
Keep backups of your local data. With many apps, the data is stored on a remote server instead of your device. When you open the app, it downloads the information it needs through your data connection. If you do have applications that store data on the device or memory card, make sure to keep a backup of the information on your computer.
For rooted Androids, there are applications that will create an image of everything on the device and save it in a file you can transfer to your computer or upload to cloud storage.