Android Simplocker ransomware hits English-speaking users
Posted on 23.07.2014
Simplocker, the first Android ransomware that actually encrypts files located on the device, has begun to target English-speaking users, ESET researchers warn.

The initial version of the malware was intended to scare Russian and Ukrainian users into parting with 260 Ukrainian Hryvnias (around $21) by locking the infected device and claiming that it was locked "for viewing and distribution child pornography, zoophilia and other perversions."

This latest version shows a similar (fake) message sporting the FBI logo, repeating the aforementioned claims, and asks users to pay a fine in the amount of $300 (via MoneyPak voucher) in order to get their device unblocked and their files decrypted. It also displays the camera feed from the device in order to make it seem that the authorities know how the user looks like:



"From a technical perspective, the file-encrypting functionality remains virtually unchanged, apart from using a different encryption key, but this recent Simplocker variant does contain two additional tricks to make the victimís life more miserable," notes researcher Robert Lipovsky.

For one, the files this variant encrypts include also archive files (ZIP, 7z and RAR), and as many Android file backup tools store the backups as archive files, this means that backups will also be encrypted.

Secondly, the malware asks to be installed as Device Administrator, so that it is more difficult for the user to delete it. Revoking the applicationís Device Administrator rights before uninstalling it is rather difficult to do when the ransomware has locked your screen, Lipovsky pointed out.

This Simplocker variant apparently masquerades as a Flash video player, and the good news is that it's currently not very widespread. But that doesn't mean that it won't be, so users are urged to be careful when installing applications on their device.

If you have already fallen for the scam, you can use the company's Simplocker Decryptor tool to restore the encrypted files - chances are you won't be getting any help from the scammers on that front even if you paid the "fine."









Spotlight

People will do anything for free Wi-Fi

Posted on 30 September 2014.  |  A new Wi-Fi investigation conducted on the streets of London shows that consumers carelessly use public Wi-Fi without regard for their personal privacy.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //