A NEW ANDROID RANSOMWARE THREAT dubbed 'LeakerLocker' is threatening to publish private information about victims unless they meet its, er, measly demands.
McAfee uncovered the LeakerLocker threat, which it has found lurking in two apps in the Google Play Store, 'Wallpapers Blur HD' and 'Booster & Cleaner Pro', both of which have been well-rated and appear to have been downloaded thousands of times.
It ain't your average Android malware threat, though, as McAfee notes in its research that instead of encrypting a user's files and making them inaccessible, LeakerLocker instead threatens to send the user's private data to friends from his contact list.
According to the lock screen message displayed by LeakerLocker, the malware gathers a users' photos, text messages, call history, Facebook messages, Google Chrome browser data, emails and GPS location history.
"LeakerLocker locks the home screen and accesses private information in the background thanks to its victims granting permissions at installation time. It does not use an exploit or low-level tricks but it can remotely load .dex code from its control server so the functionality can be unpredictable, extended, or deactivated to avoid detection in certain environments," explained McAfee's threat advisory.
"Not all the private data that the malware claims to access is read or leaked. The ransomware can read a victim's email address, random contacts, Chrome history, some text messages and calls, pick a picture from the camera, and read some device information."
The ransomware, or 'Doxware' asks for a $50 payment via a credit card transaction and demands that users cough up within 72 hours.
"We advise users of infected devices to not pay the ransom: Doing so contributes to the proliferation of this malicious business, which will lead to more attacks," McAfee advises. "Also, there is no guarantee that the information will be released or used to blackmail victims again."
Google has been alerted to the threat by McAfee and says is currently investigating it. µ
Some $150,000 in digital currency got swiped
Canadian scientists claim tech could dominate future tech
Alexa, play that 'Let It Go' song 30 times
Webstresser's admins were also arrested as part of major op