Home Mobiles New Android ransomware lures victims via SMS messages pretending to be porn

New Android ransomware lures victims via SMS messages pretending to be porn

Beware of this new ransomware.

If you have an Android smartphone, you need to be careful about a new family of ransomware that has been discovered. According to security researchers, the newly-found Android ransomware goes deeper into the handset via SMS messaging. Dubbed Android/Filecoder.C, the ransomware has been distributed through a number of popular online forums like XDA Developers and Reddit. In most cases, the attackers try to lure victims into downloading adult content from suspicious links and this sets the pitch for the ransomware attack. The attackers then demand a ransom between $98 to $188.

The Android/Filecoder.C ransomware was spotted by security researchers at ESET and they found that it was being transmitted via malicious apps. The links of the malicious apps were found by the researchers on forum posts that were mostly related to pornographic content. Once the user installs any of these apps, the ransomware starts spreading via SMS messages to the victim’s contact list too. The messages that are sent to the victim’s contacts contain the links to ransomware. Each of these is shown as an app that uses the pictures of the recipient. It is believed that the ransomware has been active since July 12.

- Advertisement -

Furthermore, the ransomware has the same message template available in 42 languages. So, it automatically detects the language settings of the infected device and then uses the matching template. Once the recipient clicks on the link in the message, the malicious app gets installed on his device too.

A blog post that has been published by the researchers reads, “The ransomware has the ability to send text messages, due to having access to the user’s contact list. Before it encrypts files, it sends a message to each of the victim’s contacts.”

Once the message sending process is completed by the ransomware, it goes through the files that are saved in the accessible storage and encrypts most of them. It is also worth mentioning that the app that gets the ransomware also has the command-and-control (C2) settings and Bitcoin wallet addresses. In addition to this, the attackers make use of Pastebin as a conduit to retrieve the information from the source code.

malware

While it has been claimed that the ransomware can encrypt different file types like texts and images, it is worth mentioning that Android extensions such as .apk and .dex and compresses files like .zip and .rar are not included in it.

To avoid being attacked with this ransomware, users are recommended to only install reliable apps, that too only via the Google Play Store. In addition to this, they should avoid clicking on any unknown links and update their devices regularly.

For the latest gadget and tech news, and gadget reviews, follow us on TwitterFacebook and Instagram. For newest tech & gadget videos subscribe to our YouTube Channel. You can also stay up to date using the Gadget Bridge Android App.

- Advertisement -
Avani Baggahttps://www.gadgetbridge.com
Avani has an immense love for reading, travelling and food, but not necessarily in the same order. Avani almost started pursuing law, but life had other (better) plans for her and she chose to be a writer instead (luckily!) She previously covered technology at Times Internet and wrote about smartphones, mobile apps and tech startups. When she’s not writing, you’ll be able to find her in book stores or catching up on her social life.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisement -

Follow Us

123,051FansLike
8,924FollowersFollow
4,848FollowersFollow
5,090SubscribersSubscribe

Must Read

Tecno Spark 6 with a 5,000mAh battery launched: Price and specifications

Tecno Spark 6 with a 5,000mAh battery launched: Price and specifications

0
Transsion holding smartphone brand Tecno Mobile has launched its new mobile phones in the market. The company has introduced Tecno Spark 6 as its...
- Advertisement -