Android users held to ransom for 'viewing illegal porn'
Bitdefender says it has detected a new piece of malware, Android.Trojan.Koler.A, which is taking Android phones at ransom, locking users out of their homescreens and demanding payment to regain use of the phones.
Developed by malware group Reveton Team, the malware is delivered via porn-related websites and with the Android Package (APK) automatically downloaded when users browse the pages.
In order to get their phones back, users are asked to pay a $300 'fine' via untraceable payment mechanisms such as Paysafecard and uKash.
“When installed, it blocks the homescreen and, if users attempt to return to Home using the home button, the lock screen pops up again, thus preventing the user from using their phone or tablet,” says Bogdan Botezatu, Bitdefender senior e-threat analyst.
Just like its Windows-based variant, the malware is gelocation aware, displaying warning messages tailored to the country of the victim, and using the branding of local law enforcement agencies.
Botezatu warns users might inadvertently download the APK manually as it looks convincing 'as it comes with pornography-related names'.