Android Faces New Ransomware Scam, Symantec Warns

Owners of Android devices should beware: Symantec has warned that criminals have begun targeting Android smartphones with software that locks the device until a ransom is paid for the unlock code.

Known as ransomware, the scam has typically targeted personal computers, where it has become a profitable way for cyber-criminals to fleece consumers whose computers are not adequately protected against these scams.

Fake AV

Now, the aggressive fake antivirus scam has spread to mobile devices as well, Symantec stated in a blog post. A program called Android Defender – not related to a legitimate program of the same name – infects the victim’s device by using a fake installer and then appears to do a scan, finding a number of critical security issues. If the user does not buy the program, it will eventually make the device unusable, said Kevin Haley, director of product management of Symantec’s security response group.

“It is ransomware because it won’t give you your phone back until you pay for it,” he told eWEEK. “It won’t let you start other apps, and keeps throwing up pop-up dialog boxes and notifications.”

A typical ransomware page

Ransomware evolved from fake antivirus scams – also known as scareware – which use JavaScript on Web sites to pretend to scan a visitor’s system and, unsurprisingly, find a large number of security issues. The software would offer to clean up the infection after installation but, once installed, asked for $30 (£19.46) to $100 (£65) as a subscription fee.

Ransomware takes that scam one step further, locking up the system entirely until the user pays up, with ransom demands varying from $200 (£130) to $500 (£324). In November 2012, for example, Symantec found one ransomware campaign that could earn its criminal operators more than $30,000 (£19,455) a day. On the PC, ransomware typically corrupts system files or encrypts the user’s data to make the PC unusable unless the victim pays. Many ransomware scams use the name and logos of national law-enforcement organisations to scare the victim and dissuade them from reporting the crime to the authorities.

Criminal Scam

Android Defender appears closer to the original fake antivirus scams of a few years ago, using false detections and pop-up dialogue boxes to convince the user to part with nearly $100 (£65), says Haley. The program has problems as well. On some devices, it locks up the system; on others, the user can recover control of the system; and on still others, it crashes the system.

“In some cases, users may not even be able to perform a factory data reset on the device and will be forced to do a hard reset, which involves performing specific key combinations and/or connecting the device to a computer in order to perform a reset using software provided by the manufacturer,” Symantec said in a statement.

Any affected phone can be fixed by flashing the device with the original factory firmware, which, in most cases, must be done by an authorised dealer.

While Symantec and other antivirus vendors recommend that users install security software on their phones, nearly all Android malware – except in a few isolated cases – can be avoided by downloading applications from official app stores, such as Google Play.


Originally published on eWeek.

Robert Lemos

Robert Lemos covers cyber security for TechWeekEurope and eWeek
