New malware takes Android phones hostage, demands ransom for unlock

“A fresh strain of criminal software has been discovered encrypting the data of Android smartphone owners, then demanding payment to unlock it,” Tom Brewster reports for The Guardian. “The Simplocker ransomware scans victims’ SD memory cards for certain files, including images, PDFs and other documents, and audio files, before locking them using the AES encryption standard, according to security company ESET. It’s the first malware found to be encrypting data on Android phones before demanding payment to decrypt it, according to a blog post by ESET’s security intelligence team lead Robert Lipovsky.”

“Lipovsky said that Simplocker appears to be solely active in the Ukrainian region; is not found on Android’s official Google Play Store; and is not currently widespread,” Brewster reports. “He added that the level of encryption used by Simplocker is significantly weaker than that of Cryptolocker, the aggressive Windows ransomware that global law enforcement authorities have been trying to shut down over the past week.”

Android fragmentation and malware

“Various forms of Android ransomware have been uncovered in recent months. In May, security experts warned about a strain called Koler, which posed as a porn app. It then sent a message claiming to be from police, telling the user they had broken the law by watching indecent material, demanding they pay a fine of $300,” Brewster reports. “Yet Windows remains the number one target for ransomware. The Guardian reported this week that the Cryptolocker malware has infected as many as 50,000 computers in the UK alone.”

Read more in the full article here.

[Attribution: BGR. Thanks to MacDailyNews Reader “Dan K.” for the heads up.]

Related articles:
F-Secure: Android accounted for 99% of new mobile malware in Q1 2014 – April 30, 2014
Google’s Sundar Pichai: Android not designed to be safe; if I wrote malware, I’d target Android, too – February 27, 2014
Cisco: Android the target of 99 percent of world’s mobile malware – January 17, 2014
U.S. DHS, FBI warn of malware threats to Android mobile devices – August 27, 2013
Android app malware rates skyrocket 40 percent in last quarter – August 7, 2013
First malware found in wild that exploits Android app signing flaw – July 25, 2013
Mobile Threats Report: Android accounts for 92% of all mobile malware – June 26, 2013
Latest self-replicating Android Trojan looks and acts just like Windows malware – June 7, 2013
99.9% of new mobile malware targets Android phones – May 30, 2013
Mobile malware exploding, but only for Android – May 14, 2013
Mobile malware: Android is a bad apple – April 15, 2013
F-Secure: Android accounted for 96% of all mobile malware in Q4 2012 – March 7, 2013
New malware attacks Android phones, Windows PCs to eavesdrop, steal data; iPhone, Mac users unaffected – February 4, 2013
FBI issues warning over Android malware attacks – October 15, 2012
Researchers discover serious flaw in Android app security, say HTC and Samsung ignore issue – September 28, 2012
Apple’s iPhone has passed a key security threshold – August 13, 2012
Android permissions flaw allows eavesdropping, data theft, location tracking – December 2, 2011
Massive HTC Android security flaw leaves security expert speechless – October 2, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010


    1. Hey smartass… Read deeper.
      It’s NOT an apple/ios problem… It was idiots using THE SAME PASSWORD on eBay when they were hacked… (Or other sites)

      1. “They appear to be scam in which hackers are stealing details from other websites and using the same login details to access as many accounts as possible – including iCloud.

        It highlights, again, the need to have different login details for different accounts.”

        From the article you linked.

      2. Hey dipshit, you know how many people using IOS and Apple products use the same passwords for everything? The userbase was so stupid, Apple had to add touchid, because they are too dumb to come up with something secure AND remember what it was. So yeah, intel inside, idiot outside. Apple’s greatest security hole is its own users.

        1. Hey dipshit, you know how many people using Android and Windows products use the same passwords for everything? The userbase was so stupid, Samsung had to add finger print sensor, because they are too dumb to come up with something secure AND remember what it was. So yeah, intel inside, idiot outside. Android’s greatest security hole is its own users.

            1. You are the perfect spokesperson for Samsung.
              A piss poor excuse of a human being schilling a piss poor excuse of a company. Good job.

        2. Um, TouchId takes the place of a 4 digit PIN, just like your debit card. So, choosing something secure and remembering what it was is no problem. But you wouldn’t know that because you’ve never used an iPhone. Probably can’t afford one.

      1. No, that was a separate iOS malware from a few weeks back. I can look it up if you like. But I don’t keep records of malware for jailbroken iOS devices. The user is OTO (on their own) if they pull a jailbreak. There was one previous malware for iOS devices from a few years back, again only affecting jailbroken devices.

        FYI: There never has been actual working malware for intact iOS devices. But there have been two proof-on-concept malware of intact iOS devices that I can recall, both pointing out flaws in Apple’s vetting process.

    2. Oh ‘Joe’. You’re such a clown! You make me laugh and laugh.

      We’ve been talking about the non-functional ransomware for iOS devices for WEEKS now, right here at MDN. It is entirely NON-functional because no account for handing off the ransom money was EVER setup. And overcoming this ransomware is as easy is restoring your device from your backup, which of course anyone with a brain in their head already has via iTunes and/or iCloud.

      So! How many clowns fit in YOUR car?

  1. This is what happens when you live in a country where the government is non-existent or corrupt and cannot deal with mafia-like criminal organizations. Despite what the GOPtea tells you, government is the ONLY thing that protects the public from criminals.

        1. HST and I led parallel lives in the 1960s. I also think he’s one of the best American wordsmiths ever.

          His comment about the wave of the 60’s crashing and, “with the right kind of eyes”, being able to see the high water mark, poetically captured the disillusionment we all felt as the 60’s anti-establishment movement was overcome and commercialized in the late 70’s. We went from Led Zeppelin and The Doors, to Kiss and Tom Petty. The 60’s were real. The 70’s were artificial plastic.

          I think the opening chapter of “Hell’s Angels” captures the surreal and violent reality of those times, and it also demonstrates HST writing ability:

          “California, Labor Day weekend…early, with ocean fog still in the streets, outlaw motorcyclists wearing chains, shades and greasy Levis roll out from damp garages, all-night diners and cast-off one-night pads in Fricso, Hollywood, Berdoo and East Oakland, heading for the Monterey peninsula, north of Big Sur…The Menace is loose again, the Hell’s Angels, the hundred-carat headline, running fast and loud on the early morning freeway, low in the saddle, nobody smiles, jamming crazy through traffic and ninety miles an hour down the center stripe, missing by inches…like Genghis Khan on an iron horse, a monster steed with a fiery anus, flat out through the eye of a beer can and up your daughter’s leg with no quarter asked and non given; show the squares some class, give em a whiff of those kicks they’ll never know…Ah, these righteous dudes, they love to screw it on…Little Jesus, the Gimp, Chocolate George, Buzzard, Zorro, Hambone, Clean Cut, Tiny, Terry the Tramp, Frenchy, Mouldy Marvin, Mother Miles, Dirty Ed, Chuck the Duck, Fat Freddy, Filthy Phil, Charger Charley the Child Molester, Crazy Cross, Puff, Magoo, Animal and at least a hundred more…tense for the action, long hair in the wind, beards and bandanas flapping, earrings, armpits, chain whips, swastikas and stripped-down Harleys flashing chrome as traffic on 101 moves over, nervous, to let the formation pass like a burst of dirty thunder…”

          ― Hunter S. Thompson, Hell’s Angels: A Strange and Terrible Saga

          1. Although I was a pre teen in those plastic coating years, my father kept the 60s raw rebellious spirit alive with his record collection which he did not censor for his children’s sake. ‘Virgin ears freeze a body like a hedgehog,’ he once said. And reading HST makes you grow spines. Writing for the school paper I mimicked his style, but the copy editors infibulated my pieces. Screw those pencil jockeys.

      1. I prefer my Rugers. . . plus a couple of strategically placed 12 Gauge shotguns loaded with birdshot. . . because usually the police can only investigate after the crime goes down and look befuddled as the coroner carries the bodies away. . . leaving your loved ones to mop up the blood. I’ve been on the mopping up detail before.

      1. Actually he was talking about the lead weights used on criminals so they don’t bob back to the surface after they are disposed of in a wet environment.

  2. It has happened to Apple products too.

    I am glad for the curation on Apple’s part/.

    From a security standpoint, Android’s and iOS’s security layer should behave in a quite similar fashion. It’s the “closed loop” and the “ecosystem” and all that other crap that makes me say, “Give me an Android. I’m tired of being left alone”.

    1. Yeah, no. iOS apps cannot access and forcefully encrypt the contents of iPhones because every app’s file access is sandboxed. That makes it much harder to share files between apps on iOS compared to Andorid, but it also prevents this entire class of security problem from being possible.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.