,

Android Malware Locks Your Device When Illegal Porn Is Viewed

A new Android malware has been detected by researchers that locks infected devices unless a hefty fee of $300 is paid by the owner. A warning appears on the device saying that viewing of illegal pornography has been detected and that to avoid criminal charges a penalty must be paid. Adding more credibility is that the warning uses geolocation and is tailored to whatever country the victim resides in.

kohler a

The malware called Android-Trojan.Koler.A   comes just 18 months after Symantec discovered a ransomware that targets PC users that has extorted more than $5 million from victims. Ransomware is a form of malware that disables a system and demands that a ransom be paid for users to be able to gain access to their systems.

The warning displayed by Android-Trojan.Koler.A claims to encrypt all files on an infected device however researchers said that there’s no evidence that it encrypts files on a phone. According to Bitdefender Senior E-Threat Analyst Bogdan Botezatu “The ransomware’s main component is a browser view that stays on top of all other applications. You can press Home and go to the homescreen, but a timer would bring it back on top in about 5 seconds. I managed to uninstall it manually by swiftly going to applications and dragging the icon on the Uninstall control, but it only works if the application icon is on the first row. Otherwise, one wouldn’t have the necessary time to drag it to the top, where the uninstall control is located.”

This malware is automatically downloaded when users visit certain porn sites using their Android device. The sites usually claim that a certain APK is needed to be installed to be able to view premium content. To become infected a user will have to enable installation of apps from unknown sources and then manually install the APK. This social engineering trick usually works and has already claimed a number of victims.

To avoid getting malware on Android devices it is best to only download apps coming from the Google Play Store.

via arstechnica