Android file-encrypting ransomware app now a reality

First of many

After a number of false alarms, Simplocker, the first true file-encrypting ransomware app, has now landed on Android and it is a nasty one.

Recent pseudo-malware apps that landed on Android had hitherto been fake ones, betting on the user's gullibility to extract a ransom.

Android defender for example threatened to encrypt files but only managed to display a lockscreen.

Security vendor ESET recently discovered this one and hides its location by using a C&C (command and control) server hosted on a TOR domain.

Malware researcher Robert Lipovsky wrote in a post on ESET's blog that the malware is likely to be a proof-of-concept and "doesn't come close to Cryptolocker on Windows".

Once on the victim's device, it scans the SD card for a number of file types, encrypts them and demand a ransom to decrypt them again.

Lipovsky says that the prevalence of the malware, which emanates from Russia, is low in the wild and likely to be found outside the official Google Play.

Tags

ABOUT THE AUTHOR

Editor, TechRadar Pro

Désiré (Twitter, Google+) has been musing and writing about technology since 1997. Following an eight-year stint at ITProPortal.com where he discovered the joys of global techfests, developing an uncanny attraction for anything silicon, Désiré now heads up TechRadar Pro.