They create an SMS fraud that alerts that your photos have been uploaded to a porn app
Table of contents:
If you're using an Android mobile, you probably know that there are a lot of ransomware-type viruses that try to steal your data and then ask you for money. But this one, which we are going to talk about today, is new and will try to convince you that your photos are in a porn application. This new malware, which was first seen on July 12, uses the victim's contact list to send malicious links and continues to spread rapidly.
The operation is similar to that of others, because you receive an SMS warning you that an app is using your photos , when in reality it is a link to a ransomware.Sometimes this link is shortened using the bit.ly service. Despite the fact that the message we show you is in English, it is sent in 42 different languages, including Spanish, customizing a certain part of the message (such as your name) to make it seem totally authentic.
If you click, you will go to an online sex simulator
If you fall into the trap, you'll access an online sex simulator that won't seem dangerous but it will start, in the background, a series command to start encrypting and decrypting files on your mobile trying to seize some information. The application is capable of encrypting most files that are less than 50 MB and do not have the .apk or .dex extension. The operation of the ransomware is very similar to that of the famous WannaCry.
Files are encrypted (apparently) with a key that attackers will give us if we agree to payIt is not recommended, as ESET ensures that it is possible to recover the files without paying, since they are not really encrypted. This does not mean that the malware cannot mutate, and to solve this problem that is preventing the virus from being able to encrypt the files. If that happens, it will be really dangerous.
Currently we don't know how many affected there are but the payment ranges between 0.01xxx bitcoins, and at least 56 people have clicked on Filecoder links, mainly from places like China, the United States or Hong Kong. Avoid clicking anything that sounds weird to you, because we discovered the Agent Smith malware several days ago and we don't want you to get infected with ransomware again. This type of malware is sometimes capable of encrypting your information and if that time comes one of the few ways out will be to pay…
