Warning: File Encrypting Ransomware, Now on Android

simlocker_blogWarning: File encrypting ransomware has gone mobile – infection can permanently encrypt all of the files stored on your Android device.

Simplocker Android Ransomware

The Simplocker Android ransomware is the first mobile malware capable of encrypting an Android device’s contents.

Simplocker Capabilities

  • Identify files with common extensions, such as .jpg, .mp4, or .doc, and apply an encryption algorithm that blocks user access.
  • Demand payment through online money service to unlock.
  • Steal device information, such as unique IMEI number and OS version.
  • Communicate with C&C server located on the Tor anonymity network.

Simplocker is not the first mobile ransomware ever, but it is the first to have encryption capability. Last month, a less advanced mobile ransomware emerged that utilized screen locking to demand ransom. Simplocker’s added capabilities represent an evolution, and suggest that malware authors are putting a great deal of effort into mobile ransomware development.

How to Avoid Infection

At this point, the chances of Simplocker infection are relatively low. The malicious app it comes on is called Sex xionix, and it can be found on a third-party, Russian language app market. Simplocker does however represent a new step in mobile malware, and it is highly likely that it will be followed by more advanced breeds.

The highly personal nature of most smartphone data (photos, videos, journal entries and notes) makes mobile ransomware a dangerous weapon. To protect yourself from this growing threat, you should take steps to backup your files as soon as possible.

For proactive protection, you can also consider a mobile anti-malware, like Emsisoft Mobile Security.

In the event that you have become infected by Simplocker, or any other type of ransomware we do not recommend paying the ransom unless you absolutely have to regain access to the files. Payment does not ensure reentry, and it only works to encourage cyber criminals more.

Have a Great (Mobile-Malware-Free) Day!

 

 

 

  • Sandbo

    Luckily on most Android device all the photos and videos taken are automatically synchronized with the cloud storage (Google+), the effect of the same ransomeware should be much less pronounced on phone, unless someone particularly use their mobile as a portable storage.

  • Legend

    Besides the cryptolocker edition to smartphones, then I think we will see a huge increase in ID thefts on that type of platforms in the near future. But as sandbo writes, then backup all your notes- pictures- contacts, to the cloud, as you would with your pc. And remember to contact all your email contacts/ friends to warn them if you are hit by malware, just in case :)