14 DAY TRIAL // Another day, another form of malware targeting Android. This time, security company McAfee warns that LeakerLocker is a new type of mobile ransomware that goes after devices running Android using nothing else than applications published in the Google Play Store.
This means it’s not at all difficult to get your device infected, and statistics published in the Google Play Store reveal that thousands of users have already downloaded the compromised apps.
Basically, this ransomware is not encrypting files on the device, but only locking down the phone to steal user data in the background, including email address, contacts, browsing history, text messages and calls, device information, and even take photos with the camera.
The malware then demands the user to pay a ransom or have the data leaked online and submitted to everyone in the contact list, which appears to be a much more effective incentive than encrypting all files stored locally.
Thousands of downloads
McAfee says it has discovered two different apps infected with LeakerLocker in the Google Play store, namely Wallpapers Blur HD and Booster & Cleaner Pro, which we won’t link to for obvious reasons.
There have already been thousands of downloads for each of the two apps, though some of the reviews posted in the Google Play Store question some of the permissions they require, including to contacts and camera. These reviews can often help make a difference between infected and legitimate apps and this is why users are strongly recommended to check them out, especially before downloading unknown apps.
Additionally, always keeping an eye on the permissions they require is an effective way to block compromised apps from infected your device, mostly in the case of apps were access to contacts, like a wallpaper app, doesn’t make any sense.
McAfee says that users whose devices are infected with LeakerLocker shouldn’t pay the hackers, though it’s not clear if there are victims who transferred any money to the virus writers. Google has already been notified about the problem, and the infected apps should go dark anytime soon.