New Android Ransomware Holds Mobiles Hostage

Researchers at the Internet security outfit ESET have issued a warning to all users of the Android operating system that a new ransomware variant, dubbed “Android/Simplocker”, had begun making its way around the standard channels of distribution through the Google Play store and attack-ready email attachments.

Much like the wildly popular CryptoLocker infections we’ve seen take the world by storm over the past several months, Simplocker is capable of completely disabling a user’s phone remotely, bricking all content contained within until they agree to pay a certain amount of money to an offshore Bitcoin wallet or by mailing a prepaid MoneyPak card to a PO box in the hacker’s home country.

Once infected, users are greeted with a screen informing them of what they can do to regain control of their device if they meet all of the displayed demands within 24 hours.

“WARNING your phone is locked!
The device is locked for viewing and distribution child pornography , zoophilia and other perversions.

To unlock you need to pay 260 UAH.

1. Locate the nearest payment kiosk.
2. Select MoneXy
3. Enter {REDACTED}.
4. Make deposit of 260 Hryvnia, and then press pay.
Do not forget to take a receipt!
After payment your device will be unlocked within 24 hours.
In case of no PAYMENT YOU WILL LOSE ALL DATA ON your device!”

All in all this only amounts to about $20 USD, which in the scheme of things isn’t exactly a massive fine to pay to regain access to all your personal photos and information. This paltry sum is also a far cry from the $300-$500 price tag others have been forced to pay when the infection is found in the form of CryptoLocker on their desktops at home, suggesting that while the hackers know they could theoretically ask for much more, the chances of someone actually ponying up the cash is far higher when they spread their demands thin across a wider number of victims at a time.

Luckily, the researchers at ESET have reason to believe the discovery isn’t yet a full-fledged piece of malware just yet, and could still be prevented as long as Google is on top of their update schedule enough to issue a hotfix before the program gains any traction on the open market.

“Our analysis of the Android/Simplock.A sample revealed that we are most likely dealing with a proof-of-concept or a work in progress – for example, the implementation of the encryption doesn’t come close to “the infamous Cryptolocker” on Windows.”

Photo: ESET

Granted, they were also sure to state that just because it’s in the early stages of development doesn’t mean it still can’t do what it was designed to, and anyone who owns a potentially vulnerable phone or tablet should take special care whenever they open an email from an unrecognized source or download a new app without any ratings to back up its authenticity.

It’s because of threats like these that Android owners should always take advantage of any backup solutions they are offered by their providers, as well as third-party programs which can automatically store data that is saved on the phone the moment it’s added to the onboard media library.