New Android ransomware afflicts mobile users browsing porn site

33comments
New Android ransomware afflicts mobile users browsing porn site
Studies have shown that Android users like to watch the naughty stuff on their devices more frequently than their iOS-wielding counterparts. A new piece of ransomware seems to be taking advantage of this fact by injecting malicious code into Android devices browsing a particular, as yet undisclosed porn site. From there, the familar array of government warnings and threats of litigation are used in an effort to cajole a user into coughing up hundreds of dollars. 

So as to obscure any paper trail, users are told to pay their dues by means of iTunes Store gift codes. Presumably, these codes are then sold on to unwitting purchasers who think they're getting a good deal, but are instead implicating themselves in an extortion scam. 

According to the experts at Blue Coat, a device can be infected by the 'Cyber.Police' malware by simply visiting the unnamed adult website. No APK is installed, as is so often the story with these sorts of attacks. Rather, the malicious code takes advantage of vulnerabilities within Android 4.0 Ice Cream Sandwich through to Android 4.3 Jelly Bean, while those on Android 4.4 KitKat may also find themselves susceptible to a similar attack. Once it has its claws in, users are met with pop-ups that the device has been 'blocked' by authorities, and the situation can only be rectified by paying the fine in iTunes gold. 

Shedding further light on the activities and behaviors of the ransomware, Blue Coat notes: 


This isn't the first time that adult material has been used in an effort to coerce innocent surfers into paying huge fines. As we've seen in the past, attackers will use all the tricks in the book to get hold of your cash. But while these scams seek to catch people out when they're perhaps not in their usual state of mind, one would hope that most could still see it far-fetched that the U.S. Treasury should ever accept iTunes credit adequate remuneration. 

Recommended Stories
Those affected by the malware can take some solace in that factory reset should clear things up. BlueCoat has yet to roll out its full report on the matter, though advises users to keep sensitive files like photos, videos and similarly important data backed up in a secure location separate to a device or its memory card. This way, should an attack occur, a factory reset should be relatively painless.

Additionally, those looking to avoid getting caught up by the Cyber.Police or similar nasties should steer clear of sites that they don't know or trust. 

source: Blue Coat via Phandroid

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless