Malicious Android Virus Has Been Caught Making Record Ransom Demands

Check your app permissions, people 😐

It’s a weekday evening.

You’re on the bus home, catching up on WhatsApps and texts from friends as the dreaded “low battery” warning pops up on screen – yet again.

You remember the app your colleague mentioned – he said it boosts phones’ battery lives – so you download it. 

It takes a couple of minutes to install and then requests permission for admin rights. You click “okay” – it’s just part of the T&Cs, right? 

But as you attempt to return to the home screen, the phone locks and a message flashes on to the screen.

This time, however, it’s not a text or a WhatsApp. It’s a ransom demand.

“You need to pay for us, otherwise we will sell portion [sic] of your personal information on black market [sic] every 30 minutes,” the message reads.

You carry on reading...

“WE GIVE 100% GUARANTEE THAT ALL FILES WILL RESTORE AFTER WE RECEIVE PAYMENT. WE WILL UNLOCK THE MOBILE DEVICE AND DELETE ALL YOUR DATA FROM OUR SERVER! TURNING OFF YOUR PHONE IS MEANINGLESS, ALL YOUR DATA IS ALREADY STORED ON OUR SERVERS! WE STILL CAN SELLING IT FOR SPAM, FAKE, BANK CRIME etc… We collect and download all of your personal data. All information about your social networks, Bank accounts, Credit Cards. We collect all data about your friends and family.”

The hackers want you to pay £140 in bitcoin to get your phone unlocked again.

If you don’t, you fear your private life and your bank details will rapidly be unravelled on the dark web.

This isn’t an episode of Mr Robot. It’s a genuine ransomware demand reported by CheckPoint, a cybersecurity firm, earlier this week.

The virus behind it, dubbed Charger, infected an Android device via an app called Energy Rescue, before CheckPoint researchers quarantined the phone. 

Google has since removed the app from its app store, Google Play, and added the malware to Android’s built-in protection mechanisms.

But ransomware is growing in popularity and CheckPoint researchers suggest that Charger’s high ransom fee could be a sign of things to come.

In the few cases where malware has been used to target mobiles, the charges have been small – $15 or so.

But a CheckPoint spokesperson said in a blog: “[This virus’s high demand] could be an indicator of a wider effort by mobile malware developers to catch up with their PC ransomware cousins.”

It’s yet another example of why we should all be keeping a close eye on our apps’ permission requests.

Google has not responded to HuffPost’s request for comment.