May 26, 2015

Bitdefender: Android ransomware uses fake FBI porn warning

15,000 spam emails have been sent from servers in Ukraine.

By Alexander Sword

Android users are being targeted by a ransomware that delivers a fake FBI warning, says security firm Bitdefender.

Posing as an Adobe Flash Player update, the malware downloads and installs on the device as a Video Player, displaying an error message when the user tries to run it.

It locks the device and private contents, displaying a sinister warning purporting to be from the FBI and demanding $500 to be paid via MoneyPal and PayPal MyCash transfers to restore access. Users who try to unlock their devices independently see the figure rise to $1500.

The antivirus solutions provider claims to have detected over 15,000 spam emails originating from servers in Ukraine. The threat is Android.Trojan.SLocker.DZ, a prevalent breed of Android ransomware.

Bitdefender suggests that users with Android Data Bridge enabled will be able to programmatically uninstall the application. If the device supports it, users can also attempt to start the device in Safe Boot, which loads a minimal Android configuration and gives them time to uninstall the application manually.
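As an added illustration of the programmatic uninstall route (this is not Bitdefender's tooling or code from the article), the script below triages the output of `adb shell pm list packages -3 -i` for third-party apps that did not come from the Play Store and prints the matching `adb uninstall` commands for review. The sample output and every package name in it are constructed; the page does not give the malware's package name.

```shell
#!/bin/sh
# Added example: find sideloaded apps in `pm list packages -3 -i` output
# and emit uninstall commands for review. Nothing here touches a device.

# Constructed sample of `adb shell pm list packages -3 -i` output.
# Package names are made up for illustration.
SAMPLE_PM_OUTPUT='package:com.example.mail  installer=com.android.vending
package:com.example.videoplayer  installer=null
package:com.example.notes  installer=com.android.vending
package:com.example.tool'

# Read pm output on stdin and print third-party packages whose installer
# is not the Play Store (missing, "null", or any other installer).
sideloaded_packages() {
    awk '
        { gsub(/\r/, "") }   # some adb versions return CRLF line endings
        /^package:/ {
            pkg = $1; sub(/^package:/, "", pkg)
            installer = ""
            for (i = 2; i <= NF; i++)
                if ($i ~ /^installer=/) {
                    installer = $i; sub(/^installer=/, "", installer)
                }
            if (installer != "com.android.vending") print pkg
        }'
}

# Turn package names on stdin into adb uninstall commands.
uninstall_commands() {
    while IFS= read -r pkg; do
        # Skip anything that is not a plain Android package name.
        case "$pkg" in
            ''|*[!A-Za-z0-9._]*) continue ;;
        esac
        printf 'adb uninstall %s\n' "$pkg"
    done
}

# Offline run on the sample. With a device attached and debugging enabled:
#   adb shell pm list packages -3 -i | sideloaded_packages
printf '%s\n' "$SAMPLE_PM_OUTPUT" | sideloaded_packages | uninstall_commands
```

The list is a set of candidates, not a verdict: legitimately sideloaded apps appear in it too, so check each name before running the printed command.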

The company also advises that users never install applications from untrusted sources, regularly back up data, use an anti-malware solution on the device and use a filter to reduce spam emails.

"After pressing OK to continue, users see an FBI warning and cannot escape by navigating away," states Catalin Cosoi, Chief Security Strategist at Bitdefender. "The device’s home screen delivers an alarming fake message from the FBI telling users they have broken the law by visiting pornographic websites.

"To make the message more compelling, hackers add screenshots of the so-called browsing history. The warning gets scarier as it claims to have screenshots of the victims’ faces and know their location."

Catalin Cosoi continues, "Unfortunately, there is not much users can do if infected with ransomware, even if this particular strain does not encrypt the files on the infected terminal. The device’s home screen button and back functionalities are no longer working, and turning the device on/off doesn’t help either, as the malware runs when the operating system boots."
