Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
G.Skill TridentZ 5 RGB 6800 MHz CL34 DDR5 review
Be Quiet! Dark Power 13 - 1000W PSU Review
Palit GeForce RTX 4080 GamingPRO OC review
Core i9 13900K DDR5 7200 MHz (+memory scaling) review
Seasonic Prime Titanium TX-1300 (1300W PSU) review
F1 2022: PC graphics performance benchmark review
MSI Clutch GM31 Lightweight​ (+Wireless) mice review
AMD Ryzen 9 7900 processor review
AMD Ryzen 7 7700 processor review
AMD Ryzen 5 7600 processor review

New Downloads
CPU-Z download v2.04
Intel ARC graphics Driver Download Version: 31.0.101.4090
AMD Radeon Software Adrenalin 23.1.2 (RX 7900) download
GeForce 528.24 WHQL driver download
Display Driver Uninstaller Download version 18.0.6.0
Download Intel network driver package 27.8
ReShade download v5.6.0
Media Player Classic - Home Cinema v2.0.0 Download
HWiNFO Download v7.36
MSI Afterburner 4.6.5 (Beta 4) Download


New Forum Topics
AMD Software: Adrenalin Edition 23.1.2 for AMD Radeon™ RX 7900 Series 4th proprietary graphics driver is now available exclusively for AMD Radeon RX 7900 XTX and XT NVIDIA GeForce 528.24 WHQL driver download & Discussion Intel Shares Fourth-Quarter and Full-Year 2022 Financial Results AMD Software: Adrenalin Edition 22.11.2 - Driver download and discussion Corsair 10GB/s MP700 PCIe Gen5 SSD got unveiled, but quickly gets hidden AMD Polaris (RX 400/500) users unable to play Forspoken Amernime Zone AMD Software: Adrenalin / Pro Driver - Release Discovery 22.12.2 WHQL Windows fast start up causing 'Default Radeon WattMan Settings Have been Restored due to Unexpected Forspoken implements Microsoft's DirectStorage API, faster load times; lowers FPS; raises FPS?




Guru3D.com » News » Cryptolocker Like Ransomware Spreads to Android Devices

Cryptolocker Like Ransomware Spreads to Android Devices

by Hilbert Hagedoorn on: 05/08/2014 08:16 AM | source: | 17 comment(s)
Cryptolocker Like Ransomware Spreads to Android Devices

Quick, pay this fine or the FBI will arrest you! That's how a new type of Android ransomware is tricking people into paying up. Once installed, the malware, dubbed "Koler.A," locks up the phone, preventing users from accessing the home screen and effectively holding the phones ransom until users pay $300. "Koler.A," first detected Sunday (May 4) by the pseudonymous French security blogger Kafeine, is one of the first discovered examples of Android ransomware, and the first known "police Trojan" for Android. Fortunately, its bark is worse than its bite. 

Koler.A spreads using malicious traffic-distribution systems (TDS) — short pieces of software placed on websites, often through ads, that redirect visitors to other sites. Malicious TDS's detect visitors' browsers, operating systems and countries of residence, and redirect them to malicious Web pages with embedded browser exploit kits tailored to each victim. In the case of Android devices, the visitor's browser will be redirected to a fake pornography website that will try to trigger a drive-by download (which won't work if the device is set to reject any app from outside the Google Play store). 

However, even if the download succeeds, the Android user will have to manually approve the app's installation. The malware creators have to trick users into thinking the malicious app is harmless. How do the ransomware creators trick these discerning porn site visitors? By promising more porn, of course! Kolar.A presents itself as BaDoink, a video player app that often needs to be installed to view streaming porn on mobile devices.



Cryptolocker Like Ransomware Spreads to Android Devices




« Gigabyte reveals its Z97 motherboard lineup · Cryptolocker Like Ransomware Spreads to Android Devices · Galaxy Launches Gamer Series GTX 760 and 770 Graphics Cards »

4 pages 1 2 3 4


Koniakki
Senior Member



Posts: 2843
Joined: 2009-09-15

#4814370 Posted on: 05/08/2014 09:01 AM
So if I get this right, in order to get "infected" with this ransomware you have to:

1: Somehow ended up in a fake pornography website from your phone. Okay not that hard. :D

2: Initiate a download or if its initiating automatically let it continue. If its not blocked by the OS if "Unknown Sources" option in "Security" inside the android "Settings" its checked that is.

3: Manually install this fake app whatever its name is to get "infected". :bang:

I can't think what to write as a conclusion to the above without being offense or sound like a prick. I think most will get what I'm saying. :P

I must admit sometimes it happened to myself that some "crapware" app manage to bypass me and get downloaded but was either immediately cancelled or deleted if it managed to be downloaded.

NAMEk
Senior Member



Posts: 658
Joined: 2006-05-26

#4814510 Posted on: 05/08/2014 02:30 PM
I would lough out load if saw this

Ven0m
Senior Member



Posts: 1840
Joined: 2005-08-12

#4814511 Posted on: 05/08/2014 02:34 PM
So if I get this right, in order to get "infected" with this ransomware you have to:

1: Somehow ended up in a fake pornography website from your phone. Okay not that hard. :D

2: Initiate a download or if its initiating automatically let it continue. If its not blocked by the OS if "Unknown Sources" option in "Security" inside the android "Settings" its checked that is.

3: Manually install this fake app whatever its name is to get "infected". :bang:

I can't think what to write as a conclusion to the above without being offense or sound like a prick. I think most will get what I'm saying. :P

I must admit sometimes it happened to myself that some "crapware" app manage to bypass me and get downloaded but was either immediately cancelled or deleted if it managed to be downloaded.

It's not only that. By reading this article, I understood that if you have other non-Play-Store sources enabled, they might use some exploit in case you have unpatched browser, which is not that unlikely.

Phone software is frequently insecure, so we might have reached a point in time, where installing antivirus software becomes a good practice.

CrazY_Milojko
Senior Member



Posts: 2647
Joined: 2013-02-26

#4814538 Posted on: 05/08/2014 03:42 PM
I would lough out load if saw this


Believe me, you wouldn't be laughing even if something similar didn't happened to you...

About 10 days ago we had a (middle age female) client, she brought us her Acer Aspire One 752 netbook with Windows 7 Home Premium 64bit she was using for years without any kind of protection: no anti-virus (some idiot who did maintenance of that netbook earlier even disabled Windows Defender), no anti-spyware... nothing!

Few days before she had noticed that wallpaper has changed: black screen with message that her computer is infected with BitCrypt v2.0 (bug fixed) malware, all files (pictures, documents...) are cripted blah, blah... and if she wants to have them back she has to follow procedure in some *.txt file, install Tor browser, go to some link and insert ID of her computer...blah...blah...

At the end the only solution for geting back thousands of her pictures and documents is to pay 230$ ransom and then she will receive program and password on her e-mail with procedure how to unlock all her personal files on HDD of that Acer netbook. There is no other solution at this moment, BitCrypt v2.0 (bug fixed) encription is currently impenetrable...

She was so depressed because of thousands of pictures/memories she can't see anymore and I had shared her pain because she wasn't able to pay a 230$ ransom, but... But when I asked her: "...do you know you aren't using any kind of protection software on that netbook, and you are using that netbook for years!?" ...she answered me: "..yes, I know that...". "... WTF is wrong with you lady, there is dozens of free anti-virus and anti-spyware software out there for personal use!?..." went through mi mind after her stupid answer.

How come anyone be so stupid to use something for years without any kind of protection or backup solution (e.g. external USB HDD), store all kinds of memories and personal files on that thing and expect nothing will happen, ever?!

At the same time I felt sorry and I was mad at her because of her stupidity...

Just to add one more thing: she was blonde....

Koniakki
Senior Member



Posts: 2843
Joined: 2009-09-15

#4814540 Posted on: 05/08/2014 03:45 PM
It's not only that. By reading this article, I understood that if you have other non-Play-Store sources enabled, they might use some exploit in case you have unpatched browser, which is not that unlikely.

Phone software is frequently insecure, so we might have reached a point in time, where installing antivirus software becomes a good practice.

I think the below quoted text from the article is pretty clear. Its just an app to be downloaded and you need to install it in order to get "infected".

Quote from the article:
"However, even if the download succeeds, the Android user will have to manually approve the app's installation."

4 pages 1 2 3 4


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2023