Researchers say a new kind of malware will encrypt all the files on your phone and then demand a ransom to release them. With an increasing reliance on mobile devices among small business owners, one danger is the loss of valuable documents carried on your mobile device.
Robert Lipovsky, malware researcher with ESET Antivirus Software, reports on the discovery of the new Android malware dubbed Android/Simplocker.
On the We Live Security blog, the official site of the ESET security community, Lipovsky explains:
“Android/Simplocker…will scan the SD card for files with any of the following image, document or video extensions: jpeg, jpg, png, bmp, gif, pdf, doc, docx, txt, avi, mkv, 3gp, mp4 and encrypt them using AES [Advanced Encryption Standard].”
Once this is accomplished, researchers say a message will appear on your phone’s screen demanding payment in exchange for releasing the files. The malware even goes so far as suggesting the victim make sure they get a receipt via a difficult-to-trace electronic transaction known as MoneXy.
Though so far only spotted in Eastern Europe, researchers believe the malware may be in the testing stages with the intention to eventually release it worldwide.
“The ransom message is written in Russian and the payment demanded in Ukrainian hryvnias, so it’s fair to assume that the threat is targeted against this region. This is not surprising, the very first Android SMS trojans (including Android/Fakeplayer) back in 2010 also originated from Russia and Ukraine.”
Lipovsky says experts strongly recommend against paying the ransom. First, this is because rewarding such activities only encourages more developers to create similar threats in the future. Second, Lipovsky points out there is no way of knowing whether attackers will even follow through on their promise to release your files.
Experts say the easiest way to dismantle the malware is by rebooting the phone into safe mode to remove it manually, but this will mean the loss of all your documents too.
To protect yourself and your business from losing potentially irreplaceable data, Lipovsky recommends making sure your mobile device contains adequate mobile security software.
“Adhering to security best practices, such as keeping away from untrustworthy apps and app sources, will reduce your risks. And if you keep current backups of all your devices then any ransomware or Filecoder trojan – be it on Android, Windows, or any operating system – is nothing more than a nuisance.”
Phone Photo via Shutterstock