How to Get Rid of Ransomware on Mobile Devices
"Ransomware" may be a term you haven't heard before. This type of criminal malware, which spread around the world on PCs in 2012, encrypts some or all the files on a computer and holds them for ransom.
Sometimes the malware will pop up an on-screen message demanding a sum to decrypt the data. In other instance, strains of ransomware known as "police Trojans" pretend to come from law enforcement, notifying the user that illegal pornography has been found on the system and demanding payment of a "fine" to avoid prosecution and unlock the files.
Experts predict that in 2013, mobile devices will become the next big target for ransomware. If so, how can smartphone and tablet users avoid ransomware, and what should they do if they get it?
Prevention is the best cure
Of course, the best and often simplest defense one can muster against a problem is not to have it in the first place.
First, make sure you have a comprehensive anti-virus program installed on each mobile device. Good anti-virus software will cost money, but will be much less than the cost of replacing a phone or tablet.
Then get into the habit of regularly backing up the data on mobile devices, so that it can be recovered if criminal malware locks up the device.
There are also a few things one should never do, such as downloading data and apps from unreliable sources, which can be hotbeds of malicious mobile code.
"Do not visit rogue websites or load files obtained from rogue websites onto your device," warns Joseph Steinberg, chief executive officer of Green Armor Solutions in Hackensack, N.J. "Sites offering illegal downloads of music, e-books or videos are often a source of ransomware infections."
If you have an iPhone, iPad or iPod Touch, it's best to not "jailbreak" the device, a process that overrides Apple's built-in controls and security features. Jailbreaking gives you access to features and apps you can’t otherwise have, such as a secure shell (SSH) interface that lets you control the device from a Mac or PC, but it also leaves you at risk for attacks you may not even be aware of.
“When an iOS device is jailbroken and the user adds the functionality to allow remote SSH connections to the device, this opens up the ability for attackers to remotely control the victim’s device," said Steve Jensen, Kansas City-based principal consultant for managed security solutions with BT Global Services.
"Apple has never changed its well-known, publicly available root password on iOS devices," Jensen said. "If the user does jailbreak and allow SSH connections, if they do not change the password, any attacker could gain root access to the device."
If you suspect, or know, you have ransomware on your mobile device, you'll have to try to get rid of it.
First, stay calm. No one expects to have files suddenly locked up, or to see a message from law enforcement threatening loss of liberty. But ransomware depends on victims panicking and trying to fix the situation as quickly as possible.
Even if you know it's a scam, you'll be upset. But keeping your head will help you make good decisions.
So don't pay the fine or ransom. There's no guarantee doing so would unlock your device, and no question you'd be giving your credit-card information to criminals.
Next, try using your anti-virus software to run a virus scan. This is a good choice if you get the ransomware demand in your Web browser; you can simply minimize the browser app and run the scan.
Odds will be good that the ransomware is already known, in which case the anti-virus software will be able to detect and then either remove or quarantine it.
If you haven't installed anti-virus software, do NOT connect your mobile device to a personal computer.
Hooking up your device to a PC or Mac might seem like a good way to install anti-virus software or to get past a locked screen, but you might infect the computer as well.
If you get a locked screen, don't have anti-virus software, can't start a virus scan or the scan fails to find any malware, then try closing all of your apps and simply restarting the device.
This won't work with every piece of ransomware, but it may with some older versions. It may be enough to at least unlock the screen, which would let you run a virus scan.
Leave it to the pros
If neither of these solutions works, then you're going to have to bring your device to a professional.
For Apple users, this means a call to Apple Care or a trip to the nearest Apple Store or another Apple specialist. Windows Phone users will have to call Microsoft Support or find their way to a Windows Store.
For those of you running Android or other mobile operating systems, your best course of action is either to find a reputable local repair shop or to contact your cellular service provider’s tech support in order to find the best options for getting the ransomware off your system.