CryptoLocker for Android?


A new variant of the stealth software has recently been discovered that targets Android users and that is most likely associated with CryptoLocker  – a program that encrypts critical computer files and demands a ransom to decrypt them. This development is not surprising given Android’s market share and the large increase in malware samples created for Android devices.

A well-known security researcher named Kafeine discovered this new type of software and wrote about it on his blog Malware don’t need Coffee . He noted that when victims with Android devices want to connect to a domain infected with this class of malware, they are redirected to porn sites where social engineering elements are used to persuade users to download a (malicious) file.

And here’s the good news: to actually get infected, you have to install this malware yourself, and for this reason, we recommend that you only install applications from the legitimate Google Play Store.

„The program is quite effective,” writes Kafeine in his explanations of the malware. “You can go to your start screen, but otherwise nothing works. Attempting to start a browser, application or list of active tasks results in calling Locker back ”.

The installation file responsible for the infection disguises itself as a porn application. If the user activates it, they will see a window accusing them that they have viewed or distributed pornography on their phone.

The displayed message also states that he is also potentially facing 5 to 11 years in prison unless he pays a $ 300 fine through MoneyPak.

The version of the package advertised by the Reveton gang has different variants for victims in more than 30 countries, including the United States, Great Britain, France, Germany, Australia and Spain.

To what extent this type of ransomware is related to the known CryptoLocker targeting computers is unknown, but whoever created it is using the success of the old CryptoLocker for some kind of criminal marketing scam. It is all the more interesting as it shows how cybercriminals mimic real business practices to increase profits, but that is a topic for a different story.