Svpeng Android ransomware targets UK users

A variant of the Svpeng Trojan is holding Android users to ransom in the UK and other English-speaking countries

A new variant of the Svpeng Trojan is holding Android smartphone users to ransom in the UK and other English-speaking countries.

The original malware targeted mainly Android users in Russia to steal financial credentials, but the new ransomware version is targeting UK, US, Switzerland, Germany and India, according to security firm Kaspersky Lab.

The new version of Svpeng is a typical piece of ransomware because it imitates a scan of the mobile and then claims to find prohibited content such as pornography.

The malware then blocks the mobile device and demands a payment of around £100 to unblock it. It also displays a photo of the user taken by the phone’s camera.

Hackers gather data

Kaspersky Lab researchers found the malware looks for a list of apps including several offered by major US banks.

The researchers believe cyber criminals are gathering statistics about the use of these apps on infected devices for use in future attacks.

Read more about mobile security

“As with mobile malware generally, this malware targets Android devices, and tries to extort money from its victims by blocking access to the device and demanding money to unblock it,” said David Emm, senior security researcher at Kaspersky Lab.

“It is evident that cyber criminals now see mobiles as an attractive target and are employing techniques that have already proven to be lucrative when implemented on PCs and laptops.” 

Mobile security under the radar

According to Emm, device protection is a subject that “constantly flies under the radar”, despite smartphone ownership in the UK estimated at around 59%.

His view is backed up by a recent Samsung UK survey. The survey found that, while 75% of organisations allow mobiles to connect to the corporate network, less than 10% of IT managers and chief technology officers regard mobile security as a priority.

And according to the UK Office for National Statistics report covering the first three months of 2014, there were 1.4 million company employees working from home.

Mobile malware rockets

As more people in the UK and elsewhere use mobiles for business, the quantity of mobile malware is increasing at an alarming rate, said Emm.

In the first three months of 2014 alone, Kaspersky Lab saw half the number of mobile malware samples (100,000) recorded in the past nine years.

“If this trend continues, this means the quantity of mobile malware will increase by 100% by the end of the year,” said Emm.

While security firms such as Kaspersky have been warning of the growing number of mobile malware samples for some time, the Samsung survey provided the first evidence of businesses being hit by mobile security incidents.

The survey revealed that a quarter of the businesses polled had incurred costs of more than £15,000 in the past year after mobile security incidents, with 11% reporting losses of more than £25,000.

How to keep your mobile safe

  • Kaspersky offers these mobile security tips: 
  • Do not 'jailbreak' or 'root' your device;
  • Use a PIN or (even better) a long passcode;
  • Do not install apps from untrusted sources;
  • Avoid public Wi-Fi for confidential transactions;
  • Do not store sensitive data on the device;
  • Backup important data.


Read more on Endpoint security