Ransomware is a type of malware that locks you out of your computer until you pay a ransom. In some cases, it can actually cause more serious problems by encrypting the files on your system's hard drive.
Last year, Symantec discovered an android malware with hybrid characteristics of Fake AV and Ransomware. Last month, Bitdefender identified an android version of Ransomware which was being sold in the underground market. The malware bluffed victims into paying a ransom but didn't actually encrypt the files.
Until now, there have been no reports of android malware that encrypts the files.
Security researchers at ESET say they have spotted the first variant of Ransomware that encrypts files in your Android Device.
The malware, dubbed as Simplocker, shows a ransom message written in Russian which informs victims that their device is locked for viewing and distribution child porn.
It scans the SD card for certain file types such as image, document or videos, encrypts them using Advanced Encryption Standard(AES), and demands money in order to decrypt them.
It also gathers information about the infected device and sends to a command and control server. The server is located in Tor ".onion" domain for purposes of anonymity.
Don't Pay:
"We strongly recommend against paying up – not only because that will only motivate other malware authors to continue these kinds of filthy operations, but also because there is no guarantee that the crook will keep their part of the deal and actually decrypt them" Researchers at ESET say.
Last year, Symantec discovered an android malware with hybrid characteristics of Fake AV and Ransomware. Last month, Bitdefender identified an android version of Ransomware which was being sold in the underground market. The malware bluffed victims into paying a ransom but didn't actually encrypt the files.
Until now, there have been no reports of android malware that encrypts the files.
Security researchers at ESET say they have spotted the first variant of Ransomware that encrypts files in your Android Device.
The malware, dubbed as Simplocker, shows a ransom message written in Russian which informs victims that their device is locked for viewing and distribution child porn.
It scans the SD card for certain file types such as image, document or videos, encrypts them using Advanced Encryption Standard(AES), and demands money in order to decrypt them.
It also gathers information about the infected device and sends to a command and control server. The server is located in Tor ".onion" domain for purposes of anonymity.
Don't Pay:
"We strongly recommend against paying up – not only because that will only motivate other malware authors to continue these kinds of filthy operations, but also because there is no guarantee that the crook will keep their part of the deal and actually decrypt them" Researchers at ESET say.