9 May 2014

Cryptolocker-Like Ransomware Spreading On Android

Android has had many security flaws, and now a Cryptolocker-like ransomware is tricking people into paying up.

Once installed, the malware, dubbed Koler.A, disables the infected device and forces you to pay a hefty amount to settle the charges.
It is a trojan, and it uses the geolocation function to tailor the warning to whichever country the user resides in. This image is a UK-based warning; users in other countries will get a different warning. The malware prevents users from accessing their home screen, making it impossible to use the other apps installed on the device. Pressing the home button removes the warning, but it returns after a 5s gap.
Users can, however, pay online using untraceable payment mechanisms such as paysafecard or Ukash.

The discovery of Koler.A comes 18 months after researchers from Symantec found that so-called ransomware extorts an estimated $5 million a year from users of traditional PCs. Ransomware refers to malware that disables computers and demands that cash payments be paid to purported law-enforcement agencies before the machines are restored. Recently, ransomware scammers upped their game by building strong cryptography into malware, known as Cryptolocker, that holds an entire hard drive hostage until end users pay a Bitcoin ransom of $300.

How does Koler.A enter your device?
Android offers the capability to side-load apps, and this is where Koler.A found a way in.
An adult website prompts you to download a player known as BaDoink, saying that it offers better adult content at better quality. The app is then downloaded to your device, and installing it gives Koler.A a new home.
This is only possible if you have allowed installation of applications from Unknown Sources. Even then, when you click on the .apk file you are prompted to install or cancel the installation of the app.
If you click Install, the app is installed and Koler.A enters your device.
Clicking Cancel aborts the installation, and you are safe.

How to save your device?

1) Turn off installation from Unknown Sources. To do so, follow the instructions below:
     Go to Settings --> Security --> Unknown Sources.

2) Or if you prefer side-loading apps, then be aware of what you are installing and

BE AWARE OF BaDoink {Brings along, Koler.A}
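
The two checks above can also be run from a computer over adb. The script below is an added example, not part of the original post: it reports whether Unknown Sources is enabled and lists user-installed apps that did not come from the Play Store. It assumes an Android version that still has the single Unknown Sources toggle described here and a device with USB debugging enabled; the package names in the sample are constructed.

```shell
#!/bin/sh
# Added example: audit side-loading exposure on an Android device over adb.

# Constructed sample of `pm list packages -3 -i` output (not from a real device).
SAMPLE_PM_OUTPUT='package:com.android.chrome  installer=com.android.vending
package:com.example.videoplayer  installer=null
package:com.example.notes  installer=com.android.vending
package:org.example.tool  installer=com.android.packageinstaller'

# Read `pm list packages -i` lines on stdin and print "<package> <installer>"
# for every package that was not installed by the Play Store.
sideloaded_packages() {
    tr -d '\r' | awk '
        /^package:/ {
            pkg = $1; sub(/^package:/, "", pkg)
            inst = "null"
            for (i = 2; i <= NF; i++)
                if ($i ~ /^installer=/) { inst = $i; sub(/^installer=/, "", inst) }
            if (inst != "com.android.vending") print pkg " " inst
        }'
}

# Interpret the install_non_market_apps value: 1 means Unknown Sources is on.
unknown_sources_state() {
    case "$(printf '%s' "$1" | tr -d '\r\n ')" in
        1) echo enabled ;;
        0) echo disabled ;;
        *) echo unknown ;;
    esac
}

# Query a connected device. The setting is stored in the "secure" or the
# "global" namespace depending on the Android version, so both are checked.
audit_device() {
    for ns in secure global; do
        v=$(adb shell settings get "$ns" install_non_market_apps)
        echo "Unknown Sources ($ns): $(unknown_sources_state "$v")"
    done
    echo "User-installed apps not from the Play Store:"
    adb shell pm list packages -3 -i | sideloaded_packages
}

# Only touch a device when asked to: sh audit.sh --device
if [ "${1:-}" = "--device" ]; then audit_device; fi
```

Any package listed with an installer of `null` or `com.android.packageinstaller` was installed from an .apk file and is worth reviewing.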

Source: tomsguide and arstechnica

