Security News Koler Android Ransomware Targets the US with Fake PornHub Apps

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
...some quotes from the article:

Campaign was aimed only at US users
Previous versions of Koler came with support for geo-targeting, showing a ransom note in a different language based on the user's location.

Stefanko told Bleeping Computer that this particular Koler campaign targeted only US users, as the ransomware only included ransom notes with an FBI theme.
Click to expand...

...
.....
....


During the past week, US users visiting adult-themed sites were targeted by ads for a fake PornHub app that contained a version of the Koler ransomware.
This particular ransomware appeared in 2014 when the operators of the Reveton Windows screen-locking ransomware decided to branch out and create an Android counterpart, which they began advertising on Russian-speaking hacking forums.
The Android version was a hit from the get-go, and it was one of 2014's most active Android threats, being detected in multiple campaigns during that year [1, 2, 3], including one that leveraged an SMS worm to automate and boost its infection process.


Because it was developed by the Reveton crew, Koler inherited the same tactics used by its Windows brethren, famous for locking people out of their computers and showing a police-themed message that asked people to pay a fine for viewing pornographic content.
Click to expand...

New Koler campaign detected this past week
This extortion tactic was seen this past week by ESET security researcher Lukas Stefanko, who discovered an ongoing campaign that was pushing fake PornHub apps infected with the Koler ransomware, spread via shady adult-themed websites.

Users navigating to these sites were lured into downloading the fake PornHub app in order to view their desired pornographic content. At the end of this article, there's a list of URLs where the Koler group hosted their fake PornHub apps.
Click to expand...
 
  • Like
Reactions: Der.Reisende and silversurfer
You must log in or register to reply here.

Similar threads

enaph
    • Like
    • +Reputation
    • Wow
Security News Fake Avast Antivirus Sites Are Spreading SpyNote Android Malware
Replies
1
Views
379
Security News
Studynxx
S
Gandalf_The_Grey
    • Like
Security News Fake Google Meet conference errors push infostealing malware
Replies
2
Views
1,315
Security News
Andy Ful
Andy Ful
Gandalf_The_Grey
    • +Reputation
    • Like
Malware News Surge in Magniber ransomware attacks impact home users worldwide
Replies
2
Views
2,495
Security News
Jonny Quest
Jonny Quest

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top