Android malware demands a ransom for your microSD files
The blackmailer gets access to files on the microSD card, including images, PDFs, audio files, and other documents. It then encrypts them using the AER encryption standard. The blackmailers ask for 13 EUR ($17.70 USD) to unlock the files. Perhaps even worse, the phone's unique IMEI number is sent out to a server controlled by the blackmailers. The bad guys use encryption and a number of servers that make it hard for law enforcement officials to track them down.
Earlier this year, Android users were the victims of a malware strain called Koler. This malware disguised itself as a porn app. A message would be sent to the infected device's owner, claiming to be from the police and demanding that a $300 fine be paid for watching indecent material.
ESET's security intelligence team lead Robert Lipovsky, suggests that those affected should not pay the ransom since it will serve to encourage the bad guys. There also is no guarantee that the bad guys will release your files once you pay them.
1. fsalto98 (Posts: 31; Member since: 25 Apr 2014)
Eh if your phone is already encrypted they can do anything about it.
23. boosook (Posts: 1206; Member since: 19 Nov 2012)
I think they can (wether it is android or ios), since they encrypt files at a higher level (which are, then, encrypted again by the os).
25. chocowii (Posts: 376; Member since: 30 Jan 2014)
Meanwhile we at WP enjoy no hackers. Coz nobody wants WP right?
2. wilsong17 (unregistered)
How come I never experienced any of this.. I also install app outside Google play store since 2010 and never had any problem....
AV companies must be getting desperate to peddle this kind of story, I suppose thanks to the relative safety of iOS and Android. You'd really have to be trying to get this installed to actually infect your phone. You'd have to enable the sideloading of applications, disable the scanning of sideloaded applications, and then ignore multiple warnings that flash up reminding you about the dangers of sideloading unscanned applications.
Also this is only happening on the UK not USA why didn't you mention that
8. Sauce (unregistered)
Just like I never experience this sh*t on my Note 2 or the silly "news" that happens to a FEW iPhone owners. When Android/SS and iOS/Apple are always in the top spotlight, anything will be done to berate the best of them. This is what happens to the best.
Yes, the things that happen, happen. But people blow it way out of proportion.
12. networkdood (Posts: 6329; Member since: 31 Mar 2010)
For once on here, Sauce is correct - this malware 'issue' has been blown out of proportion...
5. Berzerk000 (Posts: 4163; Member since: 26 Jun 2011)
Is it on board storage too, or just the SD Card?
6. sprockkets (Posts: 1487; Member since: 16 Jan 2012)
apps can only do damage to the sd card if you installed an app and it of course has that permission declared upon install.
It cannot touch /data where sensitive app data is stored. So most likely will lose videos, pictures, music and any other data it thinks it needs to encrypt.
7. BobbyDigital (Posts: 803; Member since: 29 May 2014)
It's amazing that PA will report this but not the sundry hacks Apple has experienced of late. I wonder why?
11. psmartphones (Posts: 1; Member since: 05 Jun 2014)
the news HTC One M8 can not access its data, because it is simply the best Android smartphone
13. FingerMyApple (unregistered)
Never had sd card on my past every single android phone so I can't comment much :)
15. InspectorGadget80 (Posts: 6961; Member since: 26 Mar 2011)
Are u that famous Filipino model?
14. TheFirm (Posts: 33; Member since: 05 Jun 2014)
Nothing to see here, just android being android
16. jmonteiro829 (Posts: 124; Member since: 13 Feb 2012)
I work in I.T. and just recently had a laptop that I had to format for a client. This exact Ransomware was installed on the PC and encrypted all the folders that held personal data. It gave them 48 hours to pay $500 for the decryption program and $1000 after that. They obviously didn't pay and the computer no longer booted as the OS wasn't seen on the drive. I personally haven't seen it on mobile phones yet but this totally sounds legit after what I just went through.
17. rallyguy (Posts: 611; Member since: 13 Mar 2012)
Of course it's not mentioned that these apps get sideloaded by the owner.
I guess it's just easier to call it an Android problem, instead of a user who disregards all safety warnings and intentionally installs high risk apps on their phone.
19. AfterShock (Posts: 3698; Member since: 02 Nov 2012)
Can't find it on play store, needs permissions changed to install, seems legit.
26. rallyguy (Posts: 611; Member since: 13 Mar 2012)
It's not on the play store. It's an app the owner side loads onto the phone from a website. If you do that, you are rolling the dice, especially a porn app.
22. majp89 (Posts: 115; Member since: 18 Jun 2013)
JOKE'S ON YOU, MR. MALWARE HACKER GUYS. I DON'T HAVE AN SD CARD...HAHAHAHAHA...HA...HA. T_T
24. sprockkets (Posts: 1487; Member since: 16 Jan 2012)
You do know that it just goes after your internal storage which is what the sd card is for a lot of people right?