Android Faces New Ransomware Scam, Symantec Warns

Owners of Android devices beware, after Symantec warned that criminals have begun targeting Android smartphones with software that locks the device until a ransom is paid to get the unlock code.

Known as ransomware, the scam has typically targeted personal computers, where it has become a profitable way for cyber-criminals to fleece consumers whose computers are not adequately protected against these scams.

Fake AV

Now, the aggressive fake antivirus scam has spread to mobile devices as well, Symantec stated in a blog post. A program called Android Defender – not related to a legitimate program of the same name – infects the victim’s device by using a fake installer and then appears to do a scan, finding a number of critical security issues. If the user does not buy the program, it will eventually make the device unusable, said Kevin Haley, director of product management of Symantec’s security response group.

“It is ransomware because it won’t give you your phone back until you pay for it,” he told eWEEK. “It won’t let you start other apps, and keeps throwing up pop-up dialog boxes and notifications.”

A typical ransomware page

Ransomware evolved from fake antivirus scams – also known as scareware – which uses JavaScript on Web sites to pretend to scan a visitor’s system and, unsurprisingly, find a large number of security issues. The software would offer to clean up the infection after installation, but once installed, asked for $30 (£19.46) to $100 (£65) as a subscription fee to the software.

Ransomware takes that scam one step further, locking up the system entirely until the user pays up, with ransom demands varying from $200 (£130) to $500 (£324). In November 2012, for example, Symantec found one ransomware campaign that could earn its criminal operators more than $30,000 (£19,455) a day. On the PC, ransomware typically corrupts system files or encrypts the user’s data to make the PC unusable unless the victim pays. Many ransomware scams use the name and logos of national law-enforcement organisations to scare the victim and dissuade them from reporting the crime to the authorities.

Criminal Scam

Android Defender appears closer to the original fake antivirus scams of a few years ago, using false detections and pop-up dialogue boxes to convince the user to part with nearly $100 (£65), says Haley. The program has problems as well. On some devices, it locks up the system; on other devices, the user can recover control of the system; and in still other devices, it crashes the system.

“In some cases, users may not even be able to perform a factory data reset on the device and will be forced to do a hard reset, which involves performing specific key combinations and/or connecting the device to a computer in order to perform a reset using software provided by the manufacturer,” Symantec said in a statement.

Any affected phone can be fixed by flashing the device with the original factory firmware, which in most cases, must be done by an authorised dealer.

While Symantec and other antivirus vendors recommend that users install security software on their phones, nearly all Android malware – except in a few isolated cases – can be avoided by downloading applications from official app stores, such as Google Play.

How well do you know security? Try our quiz!

Originally published on eWeek.

Robert Lemos

Robert Lemos covers cyber security for TechWeekEurope and eWeek

Recent Posts

SoftBank Promises To Invest $100bn In US

Japanese tech investment firm SoftBank promises to invest $100bn during Trump's second term to create…

7 hours ago

Synopsys, SiMa.ai To Collaborate On AI Car Chips

Synopsys to work with start-up SiMa.ai on joint offering to help accelerate development of AI…

7 hours ago

AI Start-Up Basis Raises $34m For Accountancy Agent

Start-up Basis raises $34m in Series A funding round for AI-powered accountancy agent to make…

8 hours ago

Databricks Raises $10bn In Huge AI Funding Round

Data analytics and AI start-up Databricks completes huge $10bn round from major venture capitalists as…

8 hours ago

Congo Files Complaints Against Apple Over Conflict Minerals

Congo files legal complaints against Apple in France, Belgium alleging company 'complicit' in laundering conflict…

9 hours ago