(http://www.thelivingmoon.com/gallery/albums/userpics/10005/Pay_to_Decrypt_files.jpeg)
Simplocker is targeting Android owners in the Ukraine. Photograph: ESET
Simplocker Android malware locks up your smartphone and demands a ransom for its safe return (http://www.theguardian.com/technology/2014/jun/05/simplocker-android-ransomware-malware-virus)
New strain of criminal software asks for payment to unlock files on SD cards, but is so far confined to Ukrainian region
Tom Brewster
5 June 2014A fresh strain of criminal software has been discovered encrypting the data of Android smartphone owners, then demanding payment to unlock it.
The Simplocker ransomware scans victims' SD memory cards for certain files, including images, PDFs and other documents, and audio files, before locking them using the AES encryption standard, according to security company ESET.
It's the first malware found to be encrypting data on Android phones before demanding payment to decrypt it, according to a blog post by ESET's security intelligence team lead Robert Lipovsky.
Simplocker asks for a payment of 260 Ukrainian hryvnias (£13) to decrypt victims' files, directing them to the MoneXy transfer service.
The malware also sends phone information, such as the IMEI number, to a server controlled by the attackers, which is based on the Tor network. Tor uses encryption and sends communications through a number of difference servers to ensure it's extremely difficult to track users.
In the case of the attackers, it makes their operation that much harder for law enforcement to track and shut down.
Should you be worried?
Not yet, if you're in the West.
Lipovsky said that Simplocker appears to be solely active in the Ukrainian region; is not found on Android's official Google Play Store; and is not currently widespread.
He added that the level of encryption used by Simplocker is significantly weaker than that of Cryptolocker, the aggressive Windows ransomware that global law enforcement authorities have been trying to shut down over the past week.
"While the malware does contain functionality to decrypt the files, we strongly recommend against paying up – not only because that will only motivate other malware authors to continue these kinds of filthy operations, but also because there is no guarantee that the crook will keep their part of the deal and actually decrypt them," Lipovsky added.
Various forms of Android ransomware have been uncovered in recent months. In May, security experts warned about a strain called Koler, which posed as a porn app. It then sent a message claiming to be from police, telling the user they had broken the law by watching indecent material, demanding they pay a fine of $300.
Yet Windows remains the number one target for ransomware. The Guardian reported this week that the Cryptolocker malware has infected as many as 50,000 computers in the UK alone.
(http://www.thelivingmoon.com/gallery/albums/userpics/10005/DAY-1199_22June14-Sunday-FINAL.png)
Just to emphasize the possibility of such, one of my very best friends has just had this similar happen to him, except it was with his computer. I do not have all of the details, except he said his computer was totally blank. Somehow he got a phone number to call, and they did answer the phone. They demanded &199.00. He refused.
He got with Dell, Dell downloaded a tool set to his computer, and then Dell took control of his computer. The did a virus and malware scan, deleting everything they found, and then went through the steps necessary to bring the computer back to fully functional. My friend said that about all he actually lost was his pictures, and one other area that I do not recall what it was.
My friends did have to go through hours of cancellations and renewals of their entire banking and credit card stuff, as all of that data was on their computer files, which were taken over by the attack.
This sort of possibility makes it crucial that everyone in the digital realm needs to have the total computer system backed up on some sort of external (to the computer) storage, and with updating on a continual basis. Of course, there are other reasons for doing this anyway, to have our digital data available just in case........................................ of whatever. Even usb thumb drives are now large enough to easily store the important stuff, if not everything!
Be safe! :)