Android malware demands a ransom for your microSD files
The blackmailer gets access to files on the microSD card, including images, PDFs, audio files, and other documents. It then encrypts them using the AER encryption standard. The blackmailers ask for 13 EUR ($17.70 USD) to unlock the files. Perhaps even worse, the phone's unique IMEI number is sent out to a server controlled by the blackmailers. The bad guys use encryption and a number of servers that make it hard for law enforcement officials to track them down.
Earlier this year, Android users were the victims of a malware strain called Koler. This malware disguised itself as a porn app. A message would be sent to the infected device's owner, claiming to be from the police and demanding that a $300 fine be paid for watching indecent material.
ESET's security intelligence team lead Robert Lipovsky, suggests that those affected should not pay the ransom since it will serve to encourage the bad guys. There also is no guarantee that the bad guys will release your files once you pay them.