Beware of ‘ransomware,’ new report warns

Security threats to mobile phones grew more diverse and sophisticated around the globe in 2014, while the U.S. in particular saw a surge in the number of encounters with “ransomware,” according to a new report.

The data come from a report issued Thursday by the mobile phone security company Lookout, which tracked the number of encounters its 60 million global users had with different forms of malware, chargeware and adware.

The company found that as mobile phone carriers and Google cracked down on malicious adware and other threats, cyber criminals have turned to new attacks to extract money and information from mobile phone users.

Ransomware can pose as an update to Adobe Flash or as an app downloaded from a pornographic website that, once downloaded, locks a user out of his or her phone unless a sum of money, usually several hundred dollars, is paid.

One form of ransomware that Lookout calls “ScarePackage” delivers a fake message from the FBI informing the user that illicit material was found on his or her phone.

Lookout users in the U.S. saw the percentage of unique devices that encounter a given threat during the year jump from 4% to 7%, the report said.

Users in Asia and Africa saw a rise in a Trojan known as “DeathRing,” which appears to come pre-installed on certain devices, suggesting that its authors were able to tap into the device supply chain, said Kevin Mahaffey, Lookout’s chief technology officer.

Lookout also recorded instances of malware that secretly installed software to make a user’s mobile devices mine bitcoins -- an intensive process in which a computer solves complex equations that process the cyrptocurrency.

“Anytime the good guys get better, the bad guys try new and innovative tactics,” Mahaffey said.

He said mobile phone users should only download apps from official app stores.

Follow @jpanzar