Studies have shown that Android users like to watch the naughty stuff on their devices more frequently than their iOS-wielding counterparts. A new piece of ransomware seems to be taking advantage of this fact by injecting malicious code into Android devices browsing a particular, as yet undisclosed porn site. From there, the familar array of government warnings and threats of litigation are used in an effort to cajole a user into coughing up hundreds of dollars.
So as to obscure any paper trail, users are told to pay their dues by means of iTunes Store gift codes. Presumably, these codes are then sold on to unwitting purchasers who think they're getting a good deal, but are instead implicating themselves in an extortion scam.
According to the experts at Blue Coat, a device can be infected by the 'Cyber.Police' malware by simply visiting the unnamed adult website. No APK is installed, as is so often the story with these sorts of attacks. Rather, the malicious code takes advantage of vulnerabilities within Android 4.0 Ice Cream Sandwich through to Android 4.3 Jelly Bean, while those on Android 4.4 KitKat may also find themselves susceptible to a similar attack. Once it has its claws in, users are met with pop-ups that the device has been 'blocked' by authorities, and the situation can only be rectified by paying the fine in iTunes gold.
Shedding further light on the activities and behaviors of the ransomware, Blue Coat notes:
It kills all other apps; prevents other apps from launching or stopping the ransomware; sets itself up to be the first thing to start at boot time; profiles the infected device; and communicates with a command-and-control server.
This isn't the first time that adult material has been used in an effort to coerce innocent surfers into paying huge fines. As we've seen in the past, attackers will use all the tricks in the book to get hold of your cash. But while these scams seek to catch people out when they're perhaps not in their usual state of mind, one would hope that most could still see it far-fetched that the U.S. Treasury should ever accept iTunes credit adequate remuneration.
Recommended Stories
Those affected by the malware can take some solace in that factory reset should clear things up. BlueCoat has yet to roll out its full report on the matter, though advises users to keep sensitive files like photos, videos and similarly important data backed up in a secure location separate to a device or its memory card. This way, should an attack occur, a factory reset should be relatively painless.
Additionally, those looking to avoid getting caught up by the Cyber.Police or similar nasties should steer clear of sites that they don't know or trust.
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: