A new strain of Android ransomware disguised as a video player app uses a means of communication unseen in other similar malware. Most of the victims are in the United States and the mobile crypto-ransomware scam seems to be profitable. According to security researchers, tens of thousands of devices could be infected and to date about 10 percent of the victims have paid up ransoms between $200 and $500. They also stated that its dataset is incomplete and it is likely that more devices are infected and the hackers have pocketed more than the $200,000 to $500,000 estimates. Like most mobile ransomware, these infections begin with the victim downloading a phony application from a third-party app store, in this case a supposed Flash Player app. Once the victim approves installation and the requested permissions, the ransomware encrypts all the data on the phone in exchange for a ransom.
The information provided herein is on "as is" basis, without warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street