May 26, 2015

Bitdefender: Android ransomware uses fake FBI porn warning

15,000 spam emails were sent from servers in Ukraine.


Android users are being targeted by a ransomware that delivers a fake FBI warning, says security firm Bitdefender.

Posing as an Adobe Flash player update, the malware downloads and installs on the device as a Video Player, displaying an error message when the user tries to run it.

It locks the device and its private contents, displaying a sinister warning purporting to be from the FBI and demanding $500, payable via MoneyPak and PayPal MyCash transfers, to restore access. Users who try to unlock their devices independently see the figure rise to $1500.

The antivirus solutions provider claims to have detected over 15,000 spam emails originating from servers in Ukraine. The threat is Android.Trojan.SLocker.DZ, a prevalent breed of Android ransomware.

Bitdefender suggests that users with Android Debug Bridge (ADB) enabled will be able to programmatically uninstall the application. If the device supports it, users can also attempt to start the device in Safe Boot, which loads a minimal Android configuration and gives them time to manually uninstall the app.

The company also advises that users never install applications from untrusted sources, regularly back up data, use an anti-malware solution on the device and use a filter to reduce spam emails.

"After pressing OK to continue, users see an FBI warning and cannot escape by navigating away," states Catalin Cosoi, Chief Security Strategist at Bitdefender. "The device's home screen delivers an alarming fake message from the FBI telling users they have broken the law by visiting pornographic websites.

"To make the message more compelling, hackers add screenshots of the so-called browsing history. The warning gets scarier as it claims to have screenshots of the victims’ faces and know their location."

Catalin Cosoi continues, "Unfortunately, there is not much users can do if infected with ransomware, even if this particular strain does not encrypt the files on the infected terminal. The device’s home screen button and back functionalities are no longer working, and turning the device on/off doesn’t help either, as the malware runs when the operating system boots."
