A SUSSEX UNIVERSITY STUDENT has neutralised the Simplelocker ransomware that has been targeting Android devices by flexing his Control Key.
PHP developer Simon Bell successfully reversed the ransomware after realising that the decryption algorithm and passwords were hidden within the virus's source code.
The Simplelocker virus uses AES encryption to render the SD cards of victims completely inaccessible, with an on-screen message warning that a ransom of 260 Urkanian hryvinas, or roughly £12.50, will be needed in order to unlock them, lest they be destroyed forever.
Simpleware used the Tor network to pass communication between the phone and the culprits anonymously. This means that it is almost impossible to identify the culprits and therefore deactivating it is even more important.
In his blog, Simon Bell wrote, "The antidote for this ransomware was incredibly easy to create because the ransomware came with both the decryption method and the decryption password. Therefore producing an antidote was more of a copy-and-paste job than anything."
But he went on to warn, "Since the Simplelocker ransomware is a proof-of-concept, the antidote provided here is simply a solution to this proof-of-concept. Future versions of advanced smartphone ransomware will likely prove significantly harder to reverse engineer."
Bell provided the "antidote" as a Java applet that can be converted into an apk file, which will sweep the SD card for encrypted files and decrypt them. The Android mobile operating system is known to be a magnet for malware, with a recent study showing that 99 percent of all mobile bad news is aimed at the Android ecosystem. µ
Sign up for INQbot – a weekly roundup of the best from the INQ