android trojan

ESET: ransomware for Android encrypts files and asks ransom

Η ESET has announced that engineers have identified a new, dangerous one ransomware for Android. It Android / Simplocker, encrypts files to SD card and then seeks a ransom to decrypt them.

ESET android-trojan

Below are information from the press release of the company.

As long as the encryption is done, at screen the device appears one message in Russian, which informs the Android user that his device is in place violated and are required 260 Hryvnia Ukraine, about 16 euro, to regain control.

Android / Simplocker.A scans the device's SD card for files jpeg, jpg, png, bmp, gif, pdf, doc, docx, txt, avi, mkv, 3gp, and mp4.

At the same time, he will send to his own Command & Control server detectable device information (such as IMEI, etc.).

The paradox, compared to previous examples of ransomware in Windows, is that there is no code input field for confirmation of payment, on the contrary, malicious software obeys ordered by C&C server to decrypt the files, most likely after the payment has been made.

ESET experts have analyzed sample the attack in the form of one application called "Xionix Sex". Application not found in official Google Play, which, according to their estimates, means that its spread is still very small.

As the malware has no the functionality to decrypt files, ESET advises users to do not proceed to payment of the ransom, since it does not exist no warranty that cyber criminals will keep their word and decipher the data.

On the contrary, it encourages the use of strong solutions, such as the ESET Mobile Security, to shield the Android device, and backup the data, as this way the user does not risk losing any file from any similar trojan.

For more information and more detailed analysis of the ransomware, those interested can visit the blogpost  www.welivesecurity.com/2014/06/04/simplocker/.

Source: e-pcmag.gr

iGuRu.gr The Best Technology Site in Greecegns

every publication, directly to your inbox

Join the 2.112 registrants.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).