 |
Ransomware in action. Image courtesy of BitDefender. |
"Ransomware" is one of the mobile malware sub-genres in circulation. It eats up your screen real estate with a warning that you somehow engaged in horrible crime activity and therefore must pay a ransom. The latest contender to emerge in this rare niche is Android-Trojan.Koler, and boy, is it a nasty one! As its name not-so-subtly suggests, it creeps up on Android devices and is as smart as to use geolocation to properly "locate" its alarm bells to the user's actual country and relative crime burreay. It accuses you of watching banned pornography and demands a $300 ransom, which should be paid off through covert payment mechanisms like Paysafecard and uKash. Thankfully, real-life offenders rarely get away this easy.
The ransomware works by preventing users from accessing their phones' home-screens and making it impossible to browse menus and use apps as normally. BitDefender e-threat analyst Bogdan Botezatu explained that Koler.A opens a browser view that stays on top of other apps. Users can press Home and return to the home-screen, but a 5-second timer brings back the spam on top.
Luckily, this trashy piece of code isn't being distributed via the Google Play Store, which saw its share of malware-related mishaps lately. The way it reaches your Android device is by installing itself when browsing certain porn sites. These sites claim that the malware's download is actually an APK for a video player used for premium access. We don't have a list of websites to serve, but as an Android user, you should be aware that downloading APK's from sketchy websites is a sure way to get infected.
via ARSTechnica
Share:
Facebook Twitter Google plus
Aucun commentaire:
Enregistrer un commentaire