Recently, we have seen the last case of a Cryptolocker Malware which infected more than 50,000 computers alone in the UK and now a similar malware found that encrypt your Android files.
The Malware called Simplocker identified by the ESET.
How it infects?
Upon entering in your Android Phone it scans your SD memory cards for certain files, including images, PDFs and other documents, and audio files, before locking them using the AES encryption standard.
It has not yet infected the Google Play Store and you are safe from that. It is a third party app that is being installed through individual malcious websites.
This is the first malware found to be encrypting data on Android phones before demanding payment to decrypt it, according to a blog post by ESET’s security intelligence team lead Robert Lipovsky.
The sample we’ve analyzed is in the form of an application called ‘Sex xionix’. It was not found on the official Google Play and we estimate that its prevalence is very low at this time, Lipovsky added.
This malware also send the Phone’s IMEI number and other information to attackers’ server through TOR network, by which they are in the safe place and it is a hard job to find out their location.
You should not worry about this Malware too much, as it appears to be solely active in the Ukrainian region and as we said above it is not found on Android’s official Google Play Store; and is not currently widespread.
“While the malware does contain functionality to decrypt the files, we strongly recommend against paying up – not only because that will only motivate other malware authors to continue these kinds of filthy operations, but also because there is no guarantee that the crook will keep their part of the deal and actually decrypt them,” Lipovsky said.