Are online banking apps, mobile ransomware a match made in cybercrime heaven?

ByClaudiu Popa

In a recent report, antivirus software maker McAfee (now safely in Intel’s hands and no longer related to notorious troublemaker/troubadour John McAfee) reports a vast increase in the number of unique instances of ransomware for mobile phones.

If the thought of losing access to your data gets your attention, having your smartphone commandeered by cybercriminals on another continent should be downright terrifying.

That said, in the grand scheme of things, 320,000 copies of a piece of malware isn’t all that much, for now. As an aside, my reader should be aware that ransomware attacks are fairly customized, so when you’re lucky enough to be targeted by one, the key it uses to encrypt your data is unique to you.

In fact, in most cases, it’s unique to each file on your computer. So even if you had the millions of years of computer time (currently) necessary to crack the crypto on one file, you’ll have to multiply that by the hundreds or thousands of files the malware has gotten its digital paws on.

Ransomware in itself is nothing new.

What is new however is the way keyloggers on your PC (or mobile phone) pick up your bank access username/password and match it in real time with the text message sent by your bank to allow you two-factor access to your account. That’s been a theoretical curiosity until recently, but now it’s real. And it’s making people question whether the convenience of online banking is worth the trouble.

Will banks cover your losses or are they going the extra mile to boost your security just so they’ll have the privilege of pointing the finger at you if anything happens to your funds? Possibly a bit of both.

Regardless, the more things change, the more they stay the same.

There’s not much new here. Apple and Blackberry platforms are fairly well protected against mobile malware. Your PC is always at risk of infection from infected web sites, malware-laden emails and unprotected USBs.

Common sense must continue to prevail and although I still hear about people whose firewalls are disabled or they don’t even bother with anti-malware applications, those stories are few and far between. So I don’t see much of a reason to panic, but it can’t hurt to check with your bank about the risk of losing the cash if you opt for the convenience of online banking.

Claudiu Popa is a public speaker, cybersecurity expert and passionate defender of privacy rights who engages audiences through storytelling and weaponizes academic courses, radio, television, podcasts, social media and the written word to fight for the vulnerable in society and catalyze positive social change in Canada.