security researchers found recently on the Android platform a virus known as Android/Simplocker software. The software through Trojan program for photo, video, files stored in the device for encryption, such as the users pay for ransom after termination.
antivirus software provider Eset virus research expert Robert Lipovsky said the virus is still in the test stage, the virus has been positioning software.
there are Russian users have been attacked, and demand in Ukraine currency (in the) pay a ransom, indications that the virus attack range is mainly focus on eastern Europe. However, the malicious virus Trojan program combines social engineering in software, strong encryption and complete network architecture, is still very widespread dissemination and the attack – the first Android Trojan also appeared for the first time in the region.
once malicious virus software successfully installed the Android devices, the software will pop up the following information:
note: your phone has been locked.
after locking the device would be used to watch and share the bad video.
to unlock the phone you need to pay 260 Gerry’s ($32) , the steps are as follows:
choose the nearest Kiosk payment terminal
, the selected MoneXy
Credits, Gerry, and choose to pay 260
please be sure to save the receipt.
payment after 24 hours, your device will be unlocked.
without payment to unlock your phone’s data will be cleared.
this virus scans equipment in the SD card jpeg, JPG, PNG, BMP, GIF, PDF, doc, docx, TXT, avi, MKV, 3 gp, mp4 format file, and strong encryption for such documents. Has yet to determine whether the ransom after delivery would be able to unlock. Eset suggest users do not pay a ransom.
according to the information security mechanism using last Friday, if the user doesn’t mind lost encrypted files, you can reboot into safe mode and manually remove the virus software. Using also mentioned that allows users to restore the virus software of AES keys to try to find encrypted file, this way, of course, still need some technical support.
according to Eset analysis, the virus software placed inside a called Sex Xionix applications. Search on Google Play is less than the application name, therefore concluded that the application may come from an unknown third party platform. Here again remind users in the Google Play outside platform software, be sure to think twice before, especially used fewer downloads, developers name strange more to be careful, after all, Google official will appear in the shops of malicious software.
on the other hand, now locking device to ransom virus is emerge in endlessly. In eight months ago, the infamous Cryptolocker is locked and most of the data in the PC hard disk for ransom $300; Last month the Android platform also reported a similar to the Simplocker malicious software; Even is famous for its security iOS platform at the end of last month was remotely lock and leaky Find My iPhone for ransom.
have to say that the virus is very dangerous, information security need to be careful.