Simplocker is targeting Android devices
Posted by: Timothy Weaver on 07/23/2014 10:09 AM
[
Comments
]
A ransomware threat called Simplocker is targeting files stored on the SD memory cards of Android devices. Similar to Cryptolocker, once installed it asks for a ransom of $300 to be paid through a payment service called MoneyPak.
Simplocker is now being sold on underground forums and actively distributed to users.
Like CryptoLocker, it displays an alert purportedly from the FBI that says pornography has been found on the device.
ESET researchers said: “Many Android file backup tools (which we strongly recommend, by the way) store the backups as archive files. In case the user has become infected with Android/Simplocker.I, these backups will be encrypted as well.”
The malware installer masquerades as a Flash video player application and requests to be granted device administrator permissions. This makes the new Simplocker much harder to remove once installed.
ESET has updated their free Simplocker Decryptor tool to add support for files encrypted by the new malware variant.
Simplocker is now being sold on underground forums and actively distributed to users.
Like CryptoLocker, it displays an alert purportedly from the FBI that says pornography has been found on the device.
ESET researchers said: “Many Android file backup tools (which we strongly recommend, by the way) store the backups as archive files. In case the user has become infected with Android/Simplocker.I, these backups will be encrypted as well.”
The malware installer masquerades as a Flash video player application and requests to be granted device administrator permissions. This makes the new Simplocker much harder to remove once installed.
ESET has updated their free Simplocker Decryptor tool to add support for files encrypted by the new malware variant.
Comments
