Security News Android Ransomware Locks Phone and Asks for Credit Card Number (russian users only)

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
.... some quotes from the article above:

A new ransomware family is targeting Android devices, locking access to the screen, and constantly pestering the user to enter his payment card details.
According to Fortinet researcher Kai Lu, the one who discovered this new threat, the ransomware appears to be targeting only Russian-speaking users, as its ransom note is only available in Russian.

There are several things that stand out about this threat. The first is the humongous ransom demand it asks victims for, which is 545,000 Russian rubles (~$9,100).

This ransom demand is between 10 and 100 times over the price of some phones, and most users who can't remove the screen locker will instead choose to buy a new phone rather than paying the crooks.

To pay the ransom, victims have to enter their credit card number directly in the ransom screen, a technique very different from how other ransomware operators like to work, which is via Bitcoin, Tor, or gift cards.

As mentioned before, this ransomware is currently targeting only Russian users. Just like most Android malware today, this threat is hidden inside an app that requests users to give it administrator rights.

The app is most likely downloaded and installed from third-party app stores. Because the ransomware gets admin rights, users have to reboot their devices in safe mode and remove the app from there.
 

askmark

Level 12
Verified
Top Poster
Well-known
Aug 31, 2016
578
This highlights the importance of backups even on mobile phones. All my photos/videos on my phone get backed up to cloud storage. I'd be devastated if I lost the pictures or videos I've taken of my girls as they're growing up.
Looking forward to a version of Voodooshield for mobile, if and when it surfaces.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top