A new mobile ransomware “LeakerLocker” works without encryption!

Share if you likedShare on Facebook0Share on Google+0Tweet about this on TwitterShare on LinkedIn8

A new type of ransomware called “LeakerLocker” has been discovered that threatens to send your private messages, pictures, and internet browsing history to your friends.

Security researchers from McAfee (security firm) discovered a new kind of mobile ransomware on Google Play store that does not encrypt data. This ransomware request a payment to stop the attacker from publishing the victim’s private information to friends.

According to McAfee:
“Two applications on Google Play carry this threat. “Wallpapers Blur HD” has been downloaded between 5,000 and 10,000 times. It was last updated on April 7. From reviews, we can see that one user complains why a wallpaper app requests irrelevant permissions such as calls, reading and sending SMS, access to contacts, etc.”

The Android ransomware quietly collects private messages, pictures, and internet browsing history then threatens to share it with their friends if they don’t pay $50.

Anyone whose phone is infected with the ransomware is told:
“In less than 72 hours this data will be sent to every person from your telephone and email contacts list.”

“To abort this action you have to pay a modest ransom of $50 (£38).”

“Please note that there is no way to delete your data from our secure but paying for them (sic).”

“Powering off or even damaging your smartphone won’t affect your data in the cloud.”

MacAfee advises infected users to not pay the ransom because this will lead to more attacks. Also, there is no guarantee that the data will be published or used to blackmail victims again.

Share if you likedShare on Facebook0Share on Google+0Tweet about this on TwitterShare on LinkedIn8

Eslam Medhat

is a professional pen-tester with over 9 years of IT experience bringing a strong background in programming languages and application security, ranging from network and system administration to exploit research and development. He reported various vulnerabilities for high profile companies and vendors and was successfully acknowledged by them.

Leave a Reply