CryptoLocker Copycat holds Android Data for Ransom

Recently authorities have taken down CryptoLocker malware operations there have been reports that there is Android malware called Koler that that claims to encrypt user’s mobile data which could potentially land the user in trouble with the police.

 

Koler encrypts data plus takes over a device’s screen by posting a message that is hard to get rid of.  It can be uninstalled of by simply rebooting your Android device.  There is another malware known as SimpleLocker also known as Andr/Slocker-A that really encrypts users’ data and holds it for ransom just like CryptoLocker does for Windows computers.

 

There have been a number of variants of SimpleLocker and much like Koler, the malware fills a user’s screen with a message that will not go away.  Victims could try to reboot their device to get rid of the malware but users have to be quick because it reappears on the screen pretty fast.  Users might not encounter SimpleLocker if their Android device is configured to download only software from Google Play.  SimpleLocker is not cloud-controlled like CryptoLocker. The malware uses an encryption key that is embedded in the SimpleLocker code itself rather than from command centre.

 

Android has always given IT professional’s shivers because it is such an open operating system. Now there’s another reason: The discovery of Ransomware that encrypts user data.

 

The discovery was made by security vendor ESET, who calls it Android/SimpleLocker. The good news is the ransom demand is made in Russian, with payment demanded in Ukrainian currency. The bad news is there will likely be an English version shortly.

 

Staff at many organizations bring Android devices into the enterprise, forcing a number to move to open mobile policies (BYOD).

 

Here are a few options for companies with Android mobile devices in their network:

  1. Allow staff to use secure devices from BlackBerry and Apple.
  2. Enforce rules that if Android devices are to be allowed, only applications from Google Play can be downloaded.
  3. Separate corporate from personal data on Android devices, although it isn’t clear that will solve the problem.

365 iT SOLUTIONS is a leading IT consulting firm in Toronto. We provide industry leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Take advantage of our Complimentary Network and Security Assessment by 365itSolutions.com

Leave a Reply

Ready to get started? Call us now Click Here