The CryptoLocker ransomware has been wreaking havoc on desktops for months now, demanding that victims pay hundreds of dollars in exchange for the key to decrypt their locked hard drives. Now a piece of malware along these lines is adding the Android platform to its targets.
The new mobile version of the malware is being sold by the same group responsible for the Reveton ransomware, which has been circulating for more than two years. The goal of all ransomware variants is to extort money from victims in one way or another. In some cases, including Reveton, the attackers use fake warnings from the FBI or other law enforcement agencies telling the victim that he has been found to have visited illegal sites.
CryptoLocker takes this to a different level, encrypting victims’ hard drives with strong encryption and demanding a payment, typically around $300, in order to get access to the private key that will decrypt the drive. The ransomware has spread far and wide in the last year, and scammers often send out links to affiliated domains in phishing emails. When users hit those domains, they could encounter an exploit kit that tries to launch exploits against the victim’s browser.