A new Android ransomware is infecting smartphones through SMS messages

A new Android ransomware is infecting smartphones through SMS messages



u own an Android smartphone? If yes, take a moment to stop and read this as security researchers have discovered a new ransomware that specifically targets Android smartphones and spreads over to other devices using an SMS containing an malicious code.
Security researchers from cyber security firm ESET in a blog post published earlier this week revealed that they had discovered a new ransomware -- Android/Filecoder.C - that targets Android smartphones and has been active since July 12, 2019. Malicious hackers behind this hack have tried to distribute the ransomware to the masses via Reddit and via XDA Developers forum. While XDA Developers removed the posts containing the malicious code, the post on Reddit was still up, the researchers noted in a blog post.
Once a user downloads an infected file, the Android/Filecoder.C ransomware spreads further via SMS with malicious links, which are sent to all the contacts in the victim's contact list.
The researchers noted that the hackers behind this ransomware were using two servers to distribute the infected code on to victims' Android smartphones. The attackers lure victims to these domains via posting or commenting. "Mostly, the topics of the posts were porn-related; alternatively, we've seen also technical topics used as a lure. In all comments or posts, the attackers included links or QR codes pointing to the malicious apps," the researchers noted.
"To maximise its reach, the ransomware picks the language that fits the target device. To maximize its reach, the ransomware has the 42 language versions of the message template... Before sending the messages, it chooses the version that fits the victim device's language setting. To personalize these messages, the malware prepends the contact's name to them," they added.
Once the victims install the app, link to which is the malicious SMS, the app deliver whatever is promised, which often is a sex stimulator online game. Silently it encrypts the Andriod files that occupy more than 50MB space in your phone memory. However, it would leave files with the extension ".zip", ".rar", ".jpeg", ".jpg" and ".png" unencrypted. Once the files files are encrypted, the malicious code would ask the device owner for a ransom. And it would decrypt the files only when the ransom is paid.

Post a Comment

0 Comments