New Android malware holds your handset hostage until you pay a ransom


The next malware attack you run into on Android could cost you hundreds of dollars. Researchers have discovered a new trojan that holds your handset hostage until you’ve paid a heavy ransom, and its fear-mongering tactics are designed to make you cough up quick.

After making its way onto your device, “Android-Trojan.Koler.A” displays a supposed FBI warning that accuses you of viewing or storing “banned pornography.” It tells you your handset has been blocked, and it restricts access to many important functions — including your home screen — rendering your device useless until you pay a $300 “fine.”

The malware uses your handset’s geolocation data and other information to provide tailored warnings that include your location and IP address. To unsuspecting victims, this makes the notices appear genuine, and scares users into thinking that the FBI knows exactly where they are.

But that’s not the scariest bit.

The warning then says “you are accused of committing the crime envisaged by Article 161 of United States of America Criminal law.” It claims the user is suspected of viewing or storing banned pornography and copyrighted content.

android-ransomware-640x1066This is obviously designed to panic us. Those who believe it is genuine are more likely to quickly pay the $300 fine to settle the case to ensure it goes no further. In some cases, paying the fine also allows the user to regain control of their device, ArsTechnica reports.

“Ransomware,” a term used to describe malware that disables computers and other devices until a “fine” it paid to a purported law enforcement agency, isn’t new. In fact, the exact same notice used in this particular scam was also used in a ransomware scam that affected Windows PCs last year.

Bitdefender Senior E-Threat Analyst Bogdan Botezatu explained to ArsTechnica that the hack displays a browser window over the top of all other apps. You can close it briefly by pressing your device’s home button, but a built-in timer will ensure that it pops right back up again a few seconds later.

This kind of attack was previously unheard of on Android, but with mobile antivirus solutions getting better by the day, hackers must develop news ways to scam us. The good news is, this particular attack only makes its way onto your device when you visit certain pornography sites.

Providing you steer clear of the smut, then — or just stick to reputable sources — you should quite easily be able to avoid it. You can also stay safe by ensuring you only install apps obtained from Google Play or other trusted app stores, and not by side-loading APKs downloaded from dodgy websites.