The malware — which pretends to be Federal Bureau of Investigation — fools the victim into believing that they are guilty of watching child pornography among other criminal activities. As part of which their device has been locked out. Ransomware encrypts all the files it could find on the system and password protect them. Victims are given a time period of 24 to 12 hours in which they are directed to pay up a large chunk of money if they want to have access to their files again.
“You are guilty of child porn, child abuse, zoophilia or sending out bulk spam. You are a criminal. The Federal Bureau of Investigation has locked you out of your phone and the only way to regain access to all your data is to pay a few hundred dollars.”, the warning users are bestowed with. The group of vicious mind that are behind this malware dubbed ransomware call themselves Eastern European hackers. These people hold the victim’s device on hostage and demand a ransom, hence the name.
Spread of ransomware
Mobile security firm Lookout reports that around 900,000 people have been affected by this ransomware in the last 30 days. The firm is calling this ransomware “ScarePackage,” and according to it, “this is, by far, the biggest U.S. targeted threat of ransomware we’ve seen,” said Jeremy Linden, a senior security product manager at Lookout. “In the past month, a single piece of malware has infected as many devices in the U.S., as a quarter of all families of malware in 2013.” What’s even worse is that there is not just one kind of ransomware out there which is after your mobile devices. Lookout says that is has spotted “ColdBrother,” or “Sypeng,”, another species of ransomware. And this malware is even more dreadful than the one that we are familiar with. ColdBrother is able to take photos from the device’s camera, take and drop phone calls, look into your device for banking applications. These malware were joined by ‘ScareMeNot’, which was discovered just three weeks ago and has affected more than 30,000 Android devices. These infections typically flash a fake user screen, which purports to be from FBI or other intelligence or security firm. At this point, however, we are unsure if the victim is able to regain access to its phone after paying the told amount. It’s being speculated that these malware are being spread through fake apps, or shady websites including porn sites as well. There is no definite cure for it just yet. Although, PC users can unlock their Cryptolocker affected ransomware for free by using Decrypt CryptoLocker tool by security firms FireEye and Fox IT.