CyberTechGuide
Tech on the Go!

RansomWare Alert: Android devices are under Attack!

If you have ever encountered a Malware or tried to delete or stop a virus spread, you will understand how agonizing to get hit by a virus/malware is, no matter how small the effect. These programs could be sitting silently on your device waiting for the right time to activate.
Many of these malware are sometimes activated immediately you boot your device while others are constantly transferring your information such as login details, text, messages, chats etc. to the attacker. That is why it is very much advisable to be cautious with your device(computer, phones and smart gadgets in general). If you do not know much about virus & malware but want to know how you can get infected, we made an article not too long ago. Click on the link below to read in details about how your device can get infected.

There is a new family of Android RansomWare that has just been discovered, for the sake of our non-techie members, here’s a brief explanation of what the RansomWare is all about. According to Wikipedia, Ransomware is a kind of malware from cryptovirology that takes steps to distribute the victim’s information or restrict total access to it except if an amount is paid. While some straightforward ransomware may secure the framework in a way which isn’t hard for a tech inclined individual to invert, further developed malware utilizes a system called cryptoviral technique, in which it encodes the victim’s documents, making them unavailable to him/her and requests a ransom to give access back to them. In a properly actualized cryptoviral blackmail assault, recovering the victim’s data without the decoding key is somewhat impossible and since it is hard to trace advanced cryptocurrency, for example, Bitcoin and other digital currency are utilized for the payoffs, making the tracing off the culprits difficult.

The new discovered RansomWare has the ability of diving deep into your Android device and making a dubbed copy of your file folder Android/file folder C, and encrypts the files available in your device then opens up a pop window to we demand for a ransom ranging from $98 to $200.
This RansomWare was said to have been distributed on online forums such as XDA Developers, Reddit, etc. The attackers major technique is to lure potential victims into downloading certain adult contents from a suspicious links. Once downloaded, this RansomWare starts displaying an adult scene simulation and silently carries out it processes by first infecting the victims default SMS messenger. As soon as it has gained access to the victims SMS messenger, it begins to send malicious text messages to your contact list. The messages being sent contains links to the Ransomware, thereby increasing the spread to other Android devices.
This particular RansomWare is so well designed that the link that is advertised to your contacts displays like an app that uses photos of the specific recipient increasing the interest of the recipient to click on the link.

The ESET Security researchers announced that the Android RansomWare has been in circulation since July 12, 2019. It has been said to possess about 42 different language versions of the same singular message template and it chooses the language of attack based on the language settings of the victims Android phone. It is currently targeted at Android phones running on the Android 5.1 and later versions Operating system.
When the message sending process has been completed by the RansomWare, it dives into the storage device that is accessible on the victims device and starts its encryption and decryption process. The Android RansomWare makes use of hardcoded command and control (C2) settings and processes it’s ransom via a bitcoin wallet address.
However, this Android RansomWare has not been able to grab typical android extensions such as the .apk and .dex file format and also compressed file format which are based on .zip And .rar format.
This is why we advice individuals to always be cautious online, mind the links you click on. Only visit trusted and legit websites to get reliable information. Kindly share this article it could save a friend or a loved one. We welcome comments as well to keep us motivated to post more beneficial articles.

Leave A Reply

Your email address will not be published.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More