Android Users Beware! New Ransomware Spreads via SMS
Android Users Beware! New Ransomware Spreads via SMS

Recently, security researchers have discovered a new ransomware that’s targeting Android smartphones. The new ransomware is spreading over to other devices via the SMS. The security firm explained that the Filecoder ransomware is being spread through malicious posts on popular online forums

Android Users Beware! New Ransomware Spreads via SMS

Well, if you have been using an Android smartphone for a while, then you might know that Android is definitely not the most secure mobile operating systems. Every other day, we read news about hacking attempts targeted towards the Android.

Recently, security researchers have discovered a new ransomware that’s targeting Android smartphones. The new ransomware is spreading over to other devices via the SMS. The reports from the famous security firm ESET claims that the new ransomware named Android/Filecoder.C targets only Android devices and its been active since July 12, 2019.

The security firm explained that the Filecoder ransomware is being spread through malicious posts on popular online forums like Android Developers, Reddit, XDA Developers, etc. Although XDA developers removed the posts containing the malicious codes, the posts on Reddit were still up there.

If any user downloads these malicious files, the ransomware spreads further via SMS containing the malicious links, which are sent to all contacts in the victim’s contact list. The security researchers have stated that the hackers behind this ransomware were using two servers to spread the malicious codes to the victims.

IMG Source: welivesecurity.com
IMG Source: welivesecurity.com

Now you all might be wondering how did the attackers manage to lure victims? Well, they choose to post comments on popular forums. The security firm noted “Mostly, the topics of the posts were porn-related; alternatively, we’ve seen also technical topics used as a lure. In all comments or posts, the attackers included links or QR codes pointing to the malicious apps”

“To maximise its reach, the ransomware picks the language that fits the target device. To maximize its reach, the ransomware has the 42 language versions of the message template… Before sending the messages, it chooses the version that fits the victim device’s language setting. To personalize these messages, the malware prepends the contact’s name to them”

Once the victim installs the app, the app delivers what it promises. However, it silently encrypts the files stored on the smartphone. Once encrypted, the malicious code asks the device owner for a ransom. So, what do you think about this? Share your views with us in the comment box below.



AUTHOR

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.