Wednesday, 04 June 2014 14:56

New CryptoLocker like Malware hits Android, Could be the start of a bad trend...

Written by 
Rate this item
(0 votes)

Imagine opening up a webpage when suddenly you see a notice saying all of your files have been locked. You have a limited amount of time to send a ransom or you will lose all of your data. This is what many people faced when the CryptoLocker Malware hit the PC world by surprise. Even now with many command and control servers down this threat still looms out there. Now imagine that instead of your PC it was your phone. The number of people that actually backup their phones in any real way is very small. A bit of malware like this could be disastrous to some.

Well it appears that this is exactly what someone has done to the Android world. The new malware discovered by the team at ESET and dubbed Android/Simplocker digs into your SD card and encrypts files there. The file types appear to be similar to pictures, documents, along with music and video files these are encrypted using a form of AES encryption and the extension is changed to .enc. In addition to screwing up your files the nasty little bug also grabs information about your phone (IMEI number etc.) and sends it back to command and control servers Via the TOR network (using HTTP/HTTPS).

How it is being spread is not fully known, but the installation appears to be a manual one. This means that it is most likely coming in through a poisoned application. Right now the ransom is fairly small at around $21, but this could change quickly as it did with CryptoLocker. There is both good news and bad news about this new bit or mobile malware, right now files are easily recovered if you have a backup of some sort (Google’s built in backup or third party). It also seems that this new bit of code is very immature, ESET even described it as being like a proof of concept. This means that it could become more sophisticated and develop new “features” that could prevent or limit the effects of a backup.

We have said before that the mobile world is an open book to malware developers and we could be seeing the beginnings of a new and very nasty trend. Considering the massive lack of real malware protection (or real security) on all mobile phones we are actually surprised that this has taken this long. It is also not surprising that this new malware hit the streets shortly after Apple had their own bout with ransomeware…

Tell us what you think in our Forum

Read 1057 times Last modified on Wednesday, 04 June 2014 14:59