New research indicates that ransomware and other threats designed to attack people’s wallets continue to grow

HELSINKI, FINLAND – April 23, 2015 — / — New research from cyber security firm F-Secure points to an increase in the amount of malware designed to extort money from unsuspecting mobile phone and PC users. According to the new Threat Report, malware such as premium SMS message sending trojans and ransomware continue to spread, making them a notable presence in today’s digital threat landscape.

259 out of the total 574 known variants of the SmsSend family were identified in the latter half of 2014, making it the fastest growing family of mobile malware. SmsSend generates profits for criminals by infecting Android devices with a trojan that sends SMS messages to premium-rate numbers. Ransomware also continued to plague mobile users, with the Koler and Slocker families of ransomware identified as the top threats to Android devices.

“Ransomware uses encryption or some other kind of mechanism to lock people out of their devices”, says Mikko Hypponen, F-Secure’s Chief Research Officer. “Criminals use ransomware to extort people by locking them out of their own devices unless they pay a ransom. Because of virtual currencies, it’s becoming a lot easier for criminals to use ransomware, making it more profitable and more useful for them. For end users, ransomware is today the most prominent kind of digital threat”.

PCs also saw an increase in ransomware detections, with the Browlock ransomware family entering the top 10 threats identified in the report. Other notable threats in the top 10 include more established malware families, such as the Conficker/Downadup worm, the Sality virus, and the various strains of the Ramnit virus. These three families collectively account for 55% of the total detections in the top 10 list.

A notable newcomer to the top 10 list includes the Kilim family of malicious browser extensions. The extensions target Facebook accounts and use them to post unwanted content and steal information, and account for 11% of the top 10 threats detected in the report. The surge in F-Secure’s detections of Kilim malware is largely attributable to their cooperation with Facebook. The cooperation between the two companies was announced in May of last year, and is intended to help Facebook users stay safe online.*

According to Hypponen, understanding the motives of attackers is becoming a vital part of cyber security, as it sheds light on why particular attacks use particular combinations of malware and tactics. “I strongly believe that attacker attribution is one of the most important things an organization can do to protect themselves…we have no hope of defending ourselves if we don’t understand who the attackers are”.

The full Threat Report is now available on F-Secure’s website — — and contains more information on new developments, regional threats, and details regarding the digital threat landscape for the latter half of 2014.


More information:
Threat Report H2 2014 –
Infographic – Safe and Savvy –

F-Secure – Switch on freedom
F-Secure is an online security and privacy company from Finland. We offer millions of people around the globe the power to surf invisibly and share stuff, safe from online threats. We are here to fight for digital freedom. Join the movement and switch on freedom.

Founded in 1988, F-Secure is listed on NASDAQ OMX Helsinki Ltd. | |

F-Secure Media Relations
Adam Pilkey
+ 358 40 6378859

Source: F-Secure