How to deal with Ransomware that takes over Android phones and holds them for ransom

• July 13, 2017 06:53

Data on users' Android phones will be completely "frozen" when infected with the SLocker ransomware. How to prevent it?

Hình ảnh, tài liệu trong điện thoại Andoird bị khóa bởi mã độc tống tiền - Ảnh: RemoveMalwareVirus

Images and documents on Android phones locked by ransomware - Photo: RemoveMalwareVirus

Experts from security firm Trend Micro warn that a new type of ransomware targeting Android smartphones is spreading in Asia.

Trend Micro named this malware SLocker, it has a notification interface similar to WannaCry, the ransomware that attacked Windows computers and caused panic for many companies around the world recently.

Cybercriminals distribute SLocker as a free Android game hacking app, video viewing app, or as a fake or embedded app in other popular apps. Once it enters the victim's smartphone, it changes the background to a distinctive red message similar to WannaCry, demanding the victim pay a ransom within 7 days.

Thông báo tống tiền nạn nhân của SLocker khi thâm nhập vào smartphone Android - Ảnh: Trend Micro

SLocker blackmails victims by infiltrating Android smartphones. Photo: Trend Micro

Trend Micro's malware activity tracking system shows that SLocker suddenly broke out in May, concentrated in China. Experts say SLocker was written by "amateurs" because it has weaknesses that are easy to defeat. It does not encrypt Android system files on smartphones, but chooses image, video and document files with a capacity of 10KB to 50MB.

SLocker's next loophole was using the QQ payment service to blackmail victims, and this was what led to the owner of SLocker being tracked down and arrested by Chinese cyber police.

SLocker encryption keys can also be cracked following detailed instructions from Trend Micro.

Although SLocker is a basic form of Ransomware on mobile devices such as Android smartphones, experts warn ordinary users to be careful, so as not to become victims like WannaCry and not be able to react in time.

Three things to keep in mind when dealing with Ransomware include:

* Regularly back up data to an external hard drive or transfer it to "cloud" services.

* Do not download unfamiliar applications from public sharing sources on the internet, only download licensed applications from official app markets such as Google Play.

* Use anti-virus security applications on your smartphone or tablet similar to those on your computer.

According to TTO

RELATED NEWS
Risk of being infected with ransomware when accessing pirated movie sites Vietnam is among the countries with the most people infected with Xavier malware. North Korean hackers suspected of being behind ransomware The most dangerous malware on Android appears