Warning: File Encrypting Ransomware, Now on Android
Simplocker Android Ransomware
The Simplocker Android ransomware is the first mobile malware capable of encrypting an Android device’s contents.
- Identify files with common extensions, such as .jpg, .mp4, or .doc, and apply an encryption algorithm that blocks user access.
- Demand payment through online money service to unlock.
- Steal device information, such as unique IMEI number and OS version.
- Communicate with C&C server located on the Tor anonymity network.
Simplocker is not the first mobile ransomware ever, but it is the first to have encryption capability. Last month, a less advanced mobile ransomware emerged that utilized screen locking to demand ransom. Simplocker’s added capabilities represent an evolution, and suggest that malware authors are putting a great deal of effort into mobile ransomware development.
How to Avoid Infection
At this point, the chances of Simplocker infection are relatively low. The malicious app it comes on is called Sex xionix, and it can be found on a third-party, Russian language app market. Simplocker does however represent a new step in mobile malware, and it is highly likely that it will be followed by more advanced breeds.
The highly personal nature of most smartphone data (photos, videos, journal entries and notes) makes mobile ransomware a dangerous weapon. To protect yourself from this growing threat, you should take steps to backup your files as soon as possible.
For proactive protection, you can also consider a mobile anti-malware, like Emsisoft Mobile Security.
In the event that you have become infected by Simplocker, or any other type of ransomware we do not recommend paying the ransom unless you absolutely have to regain access to the files. Payment does not ensure reentry, and it only works to encourage cyber criminals more.
Have a Great (Mobile-Malware-Free) Day!
ALERT: Ads on Disney, Facebook, Guardian Lead to Ransomware