The last few months have been disastrous for Security Researchers as the world witnessed some of the biggest ransomware and malware attacks ranging from WannaCry and Petya on Windows to SambaCry on Linux and Judy on Android devices. Now if you’re assuming that all this is over then you’re mistaken.
Security Researchers have now discovered a new type of malware called as “LeakerLocker” which gets downloaded on your Android devices through Play Store and then locks down your private and sensitive data including your lock screen and demands ransom. On top of all this, the malware threatens to send all your data to everyone you know. This includes your internet browsing history, messages, emails, pictures, call records, etc.
LeakerLocker locks the home screen and accesses private information in the background, thanks to its victims granting permissions at installation time. Not all the private data that the malware claims to access is read or leaked. The ransomware can read a victim’s email address, random contacts, Chrome history, some text messages, and calls, pick a picture from the camera, and read some device information.
McAfee has identified 2 potential apps “Wallpapers Blur HD” and “Booster & Cleaner Pro” that currently carry this threat. Both the apps have been reported to Google and are under investigation. In case you get infected by this malware then you should refrain from paying the ransom which has been set to $50 as doing so you’re just promoting these malicious attacks.
Doing so contributes to the proliferation of this malicious business, which will lead to more attacks. Also, there is no guarantee that the information will be released or used to blackmail victims again.
There is although a silver lining to all this as the recent reports suggests that Google is working on an SOS button which will help users exit the malicious apps before they encrypt/delete the data. There’s no word on when Google will release this feature, but when last reported, it was being tested on Android 7.1 Nougat. It may not be much, but at least we know Google is taking some active measures to fight off compromised apps.