Incase you are claiming that there is nothing like ransomware or think you are protected from any form of malware, here is another one that needs your attention. This is a form of Android ransomware that threatens to send all your private information and web history to all of your contacts.
This ransomware is called LeakerLocker, and it was found in the Google Play Store. Now, this ransomware does not encrypt its victims’ files. Instead, it claims to have made a backup of victims’ data stored on the device.
The perpetrators of the malware demand $50 in exchange for not leaking your personal info to your phone and email contacts. Your personal info at risk includes your web history, emails, location history and more.
LeakerLocker was discovered in two apps in the Google Play Store. These are Wallpaper Blur HD, which has been downloaded up to 10,000 times so far, and Booster & Cleaner Pro, which has been downloaded up to 5,000 times. This means that right now about 15,000 people have already fallen victim to this malware, which has been in the Google Play Store since April. Funnily enough, both apps have good reviews on the Store, which means that the perpetrators have been giving fake reviews of the apps.
Once you download any of these apps, LeakerLocker asks for a large number of permissions, including the ability to manage calls, read and send text messages, and access contacts.
After granting it access, the malware communicates with a receiver, thus initiating the malicious activity and locking the Home screen of the device with an extortion threat. Analysis of the malware code shows that it is capable of accessing an email address, some contact information, Chrome browser history, text messages and calls, and photos from the camera.
Now, the basic form of LeakerLocker demands the ransom via credit card. Researchers have advised victims not to pay up, because there’s no guarantee that the information will be released or will not be used to get at them again.
McAfee researchers have reported the malware to Google, and the offending apps have been removed from the Google Play Store.