Ransomware attacks Android devices with $500 fee

If a user tries to unlock their device without paying a fee, the ransom increases to $1500

Bitdefender has uncovered a scam email campaign that locks Android devices and demands a $500 (£330) release fee if users download the malware to their devices. If a user tries to unlock the device without paying the fee, it rises to $1500 (£980).

The malware used to infiltrate devices is known as Android.Trojan.SLocker.DZ, one of the most widely used tools for demanding fees from Android users.

Bitdefender found more than 15,000 spam emails containing zipped files that claim to be an update for Adobe Flash Player. When a user clicks on the email attachment, the malware is downloaded and installed as a video player. When a user attempts to use the player, they see an FBI warning which they cannot close.

Catalin Cosoi, chief security strategist at Bitdefender, explained: "The device's home screen delivers an alarming fake message from the FBI telling users they have broken the law by visiting pornographic websites. To make the message more compelling, hackers add screenshots of the so-called browsing history. The warning gets scarier as it claims to have screenshots of the victims' faces and know their location."

In this case, the source of the malware has been traced to .edu, .com, .org and .net domain servers, but it's not clear from where the attack originates.

Cosoi warned: "Unfortunately, there is not much users can do if infected with ransomware, even if this particular strain does not encrypt the files on the infected terminal. The device's home screen button and back functionalities are no longer working, and turning the device on/off doesn't help either, as the malware runs when the operating system boots."

He recommends that users who have Android Data Bridge enabled uninstall the malicious application, if they are able to find it on their device. Otherwise, they can start the device in Safe Boot mode, which allows the application to be uninstalled.