Trojan app encrypts files on Android devices and asks for ransom
The ransomware model is increasingly being adopted by cybercriminals who target mobile users, one of their latest creations being able to encrypt files stored on the SD memory cards of Android devices.
A new threat dubbed Android/Simplock.A was identified by researchers from antivirus firm ESET over the weekend and while it’s not the first ransomware program for Android, it is the first one seen by the company that holds files hostage by encrypting them.
Other Android ransomware apps seen in the past, like Android Defender, found in June 2013, and Android.Koler, discovered in May, primarily used lockscreen techniques and persistent alerts to disrupt the normal operation of infected devices. “Android/Simplocker.A will scan the SD card for files with any of the following image, document or video extensions: jpeg, jpg, png, bmp, gif, pdf, doc, docx, txt, avi, mkv, 3gp, mp4 and encrypt them using AES [the Advanced Encryption Standard],” the ESET researchers said Wednesday in a blog post.