Android phones hit by widespread ransomware attack

“You are guilty of child porn, child abuse, zoophilia or sending out bulk spam. You are a criminal,” Nicole Perlroth reports for The New York Times. “The Federal Bureau of Investigation has locked you out of your phone and the only way to regain access to all your data is to pay a few hundred dollars.”

“That message — or variations of it — has popped up on hundreds of thousands of people’s Android devices in just the last month. The message claims to be from the F.B.I., or cybersecurity firms, but is in fact the work of Eastern European hackers who are hijacking Android devices with a particularly pernicious form of malware, dubbed ‘ransomware’ because it holds its victims’ devices hostage until they pay a ransom,” Perlroth reports. “In just the last 30 days, roughly 900,000 people were infected with a form of ransomware called ‘ScarePackage,’ according to Lookout, a San Francisco-based mobile security firm.”

Perlroth reports, “‘This is, by far, the biggest U.S. targeted threat of ransomware we’ve seen,’ said Jeremy Linden, a senior security product manager at Lookout. ‘In the past month, a single piece of malware has infected as many devices in the U.S., as a quarter of all families of malware in 2013.'”

Read more in the full article here.

MacDailyNews Take: “Open,” as in: Wide.

[Thanks to MacDailyNews Reader “Dan K.” for the heads up.]

Related articles:
Sneak Attack: Android apps can attack each other, steal passwords, credit-card numbers, photos – August 22, 2014
There’s practically no iOS malware, thanks to Apple’s smart control over app distribution – June 13, 2014
F-Secure: Android accounted for 99% of new mobile malware in Q1 2014 – April 30, 2014
Google’s Sundar Pichai: Android not designed to be safe; if I wrote malware, I’d target Android, too – February 27, 2014
Cisco: Android the target of 99 percent of world’s mobile malware – January 17, 2014
U.S. DHS, FBI warn of malware threats to Android mobile devices – August 27, 2013
Android app malware rates skyrocket 40 percent in last quarter – August 7, 2013
First malware found in wild that exploits Android app signing flaw – July 25, 2013
Mobile Threats Report: Android accounts for 92% of all mobile malware – June 26, 2013
Latest self-replicating Android Trojan looks and acts just like Windows malware – June 7, 2013
99.9% of new mobile malware targets Android phones – May 30, 2013
Mobile malware exploding, but only for Android – May 14, 2013
Mobile malware: Android is a bad apple – April 15, 2013
F-Secure: Android accounted for 96% of all mobile malware in Q4 2012 – March 7, 2013
New malware attacks Android phones, Windows PCs to eavesdrop, steal data; iPhone, Mac users unaffected – February 4, 2013
FBI issues warning over Android malware attacks – October 15, 2012
Researchers discover serious flaw in Android app security, say HTC and Samsung ignore issue – September 28, 2012
Apple’s iPhone has passed a key security threshold – August 13, 2012
Android permissions flaw allows eavesdropping, data theft, location tracking – December 2, 2011
Massive HTC Android security flaw leaves security expert speechless – October 2, 2011
Apple’s iOS unaffected by malware as Android exploits surge 76% – August 24, 2011
Android malware records phone calls; iPhone users unaffected – August 2, 2011
Symantec: Apple iOS offers ‘full protection,’ Google Android ‘little protection’ vs. malware attacks – June 29, 2011
Malware apps spoof Android Market to infect Android phones – June 21, 2011
Google forced to pull several malware-infested apps from Android market – June 8, 2011
Android malware sees explosive growth; even faster than with PCs – April 27, 2011
Virus-laden apps infest Google’s ‘open’ Android platform; iPhone unaffected – March 3, 2011
Security firm warns of new Android trojan that can steal personal information; iPhone unaffected – December 30, 2010
Trojan infects Android smartphones; iPhone unaffected – August 10, 2010
Millions of Android phone users slammed by malicious data theft app – July 29, 2010
Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 4, 2010
Malware designed to steal bank information pops up in Google’s Android app store – January 11, 2010

52 Comments

      1. Just run a process viewer to see which app is doing it. If I can’t do it on the phone itself, I have USB debugging enabled so I could just hook it to my PC and use ADB debugging.

        Worse comes to worst, just nuke the whole thing and start anew.. I keep everything I consider important on my phone on cloud storage, everything else can just be copied back over via USB when I get the chance

            1. The iPhone 5c, which is currently the latest iPhone if I’m not mistaken, uses a 1.3 GHz dual core CPU and a 1136 x 640 pixel screen. The absolute bare minimum to be technically considered HD is 1080 x 720. It’s not even an HD phone.

              it’s 2014. Not 2010. Why the fuck would I want something like that?

            2. Why the fuck do you want to come here and let everyone know what a dickwad loser you are? I guess it’s just another one of life’s little mysteries.

            3. The fact that you reference the iPhone 5c, Apple’s “cheap” iPhone, tells me that you are not interested in comparing equal products. FYI, the current flagship is the iPhone 5S. But I guess if you were being honest, dracoazule, you would have admitted that.

          1. It doesn’t take much technical prowess to properly maintain your smartphone. And by ‘AAPL HAS THIER SHIT TOGETHER IDIOT SUCK!’ (sic) you mean “AAPL PTS US N A PAYPIN EVIRNMENT CUZ WE CNT TAK CAR UF URSELFS’

            1. All Android keyboards have a spell check feature. Not that I really need it. I was making fun ijah420’s lack of spelling abilities.

              And I am using Windows. It’s running on a PC I built myself for a total of about $1,700. You know, about the same price you paid for that mid range Macbook that probably doesn’t even support 4 monitors in a basic Eyefinity config.

            2. typical windows user:

              “I built myself” and saved money because I’m such a loser my TiME is worth NOTHING.

              ever figure that in the time you took to build that PC, study how to do it, source the parts , check the parts, send the parts back if they are wrong, test it… the Mac dude has made hundreds of dollars to make up above 1700 to buy a sleek award winning Macbook Pro or iMac or even a MacPro? A Mac which ALSO HAS GREAT RESALE VALUE? try selling your homemade can in a couple of years …

              How many hundreds of hours did you spend to LEARN how to build a PC and source the parts?
              If you’re paid just 30 bucks and hour 10 hrs is 300 bucks.

            3. I posted the above the time wasted in building PCs (they never factor the cost their time in their estimates) and got a bunch of one stars from Winblows trolls yet none of them posted back to argue what was wrong with my logic.

        1. In the last two years I’ve actually had to turn my iPhone 5 off and back on once. My time is too valuable to dick around with processes to resurrect Korean junk, and I’m not so juvenile as to brag about my tech expertise.

        2. Oh that rich. I’ll just tell Granny to “run the process viewer” on her Android phone to fix it. More proof that you have to be a total chiphead just to use Android OS.

    1. Actually, this story is not about a new threat to Androids.

      It is FUD to scare Android users into buying security software. Probably an old Android exploit with a new twist (as in twist your arm, ransom)

    2. Only a tiny minority of Adroid users are capable of doing that level of maintenance on their phones. But you guys love to blame the user for all the problems they have with the OS, dontcha?

      1. actually…no…not really…android manufacturers haven’t learned from the past mistakes of microsoft. Pushing out the cheapest products for the sake of marketshare only opens them up for attacks like this. I hope android keeps their low end marketshare, all these attacks will consistently target android 🙂

  1. I believe it’s only a matter of time before all of my acquaintances who have bought into the Android camp realize the utter absurdity of their position. I actually am looking forward to the day, as long as it is not accompanied by a terrorist attack that has taken advantage of the idiocy on display here.

  2. Just last week, a friend who develops for Android told me it is impossible for Android to get stuff like this because “Android is based on Linux”. He then went on to say how Apple sabotages iPhones the closer they get to announcing new ones.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.