Dangerous malware on Google Play
There has been an attack of two similar pieces of malware that can come bundled with applications which can be downloaded from Google Play.
The name of the malware is LeakerLocker, and it is a malicious piece of ransomware. It acts by threatening the privacy of its victims. What LeakerLocker does is locking the user’s device and displaying a message, which says that all the user’s personal information (for example, pictures) will be sent to their friends.
It differs from other types of ransomware because it does not encrypt any files – instead, it plays on causing embarrassment to the victim, who might pay the money out of desperation.
The message of the malware states that it has made a backup of all the sensitive files, which include all the photos present on the phone, the Internet history, text messages, and the call history.
If the victim does not want all the people from their contact list to receive private data, they have to pay a ransom of $50. It has to be done with the user’s credit card by providing the credit card details.
In case of a successful transaction, there will be a text message displayed, saying:
“Your personal data has been deleted from our servers and your privacy is secured”
However, all of this might not be true – the experts at McAfee discovered that the malware does not have any code that could do such things as transferring the private data to its own servers. It also possibly can’t send the data to the people from the contact list, making it a possible scam.
Despite this fact, LeackerLocker might still implement some malicious actions if the ransom is not paid in time.
How was LeakerLocker distributed?
The two applications responsible for distributing the malware are called “Booster & Cleaner Pro” and “Wallpapers Blur HD”. At the moment, you cannot download them anymore as Google has deleted them after the incident became known.
Unfortunately, many users have already downloaded the applications, infecting their devices in the process. “Wallpaper Blur HD” was downloaded up to 10 000 times, and the second app reached up to 5000 users worldwide.
The huge number of people who downloaded the apps might be due to one trick, implemented by the distributors. Both applications belong to a program that rewards those who download them – the users get some money (a few cents usually), which they can spend on game coins or other applications.
In theory, this is great both to the user and the developer, but it seems that this type of distribution is being used for spreading malware more and more.
Remember, you should never pay a ransom to hackers as this can only encourage them to create more malware.