Last Updated on 01/08/2019 by TDH Publishing (A)
Reportedly, a brand new Android threat was recently discovered by ESET researchers, and it has an unusual adult theme which may be enough to sucker unsuspecting users into putting it. The number of reported cases so far is not high, but it’s still necessary to be aware of what is going on and make sure you’re doing everything you can to prevent the spreading of this ransomware.
The ransomware, known as Android/Filecoder.C, first appeared on Reddit and forum threads via HTML links and QR codes. It’s usually disguised as adult content or a side loadable sex simulation VR app. In actuality, the infected APKs dump ransomware on one’s device that then attempts to spread itself via SMS messages to an afflicted user’s stored contacts.
After sending the texts, Filecoder.C encrypts and locks users out of almost every file on their smartphones, rendering them unusable. It then requests a Bitcoin ransom to regain management. Based on Welivesecurity’s dissection of the app’s code, the exact ransom could be present anywhere between about $90 to $190, or even higher, depending on bitcoin’s current value.
While the encryption and ransom appear to be genuine, the app also claims it will delete the ransomed data after 72 hours. Welivesecurity was unable to verify if this is true. What it did ensure, however, is that Filecoder.C uses an encryption method that is difficult to crack—worse, deleting the ransomware app doesn’t undo the ransom. One can go through the Welivesecurity’s report for a complete explanation.
Again, Filecoder.C doesn’t seem to have spread very far just yet, but it’s still in active circulation. Here are some measures to keep yourself safe from this and alternative nasty Android malware:
- The fake texts sent from Filecoder.C claim that compromising photos of you are showing up on other apps, but unless you’ve been cavalier about sharing such content, that’s highly unlikely.
- These texts will appear and sound strange to start with, so you should be able to tell that your friend didn’t send it. If the text is from somebody you don’t refer to frequently, that’s even a lot of reason to avoid clicking any links the message contains.
- When in doubt, do not download click on obscure links or install.APKs because your friends texted you them out of the blue. Call up your friend and ask what’s up—you might even do them a favor by alerting them to their malware infection.
