A new type of malware found on Android devices can take your mobile photos, videos and documents hostage and hold them for ransom.
According to Ars Technica, and first discovered by Robert Lipovsky of antivirus provider Eset, a trojan called SimpleShocker is locking user’s phones, encrypting their pictures and other content and demanding ransom for restoration. As of now, Android users in eastern Europe are the main target.
In a screenshot posted to Sophos, a hacker is asking for 260 UAH (Ukraine Hryvnia), which is equal to $21, to unlock a device. After the transaction is made at a payment kiosk, the device will unlock within 24 hours. The message typically accuses the user of some type of crime too, such as downloading illegal software.
It’s unknown whether making the payment decrypts the files.
It’s possible to manually remove the malware by rebooting the device while in safe mode,Sophos reports. Although users may lose the encrypted files, they have been retrieved by recovering the AES key stored inside the malware.
The news comes two weeks after some Apple device owners in Australia reported their phones had been hacked and held for ransom. An ominous message appeared on various iPhones, iPads and Mac computers across various regions in Australia urging owners to send $50 to a PayPal account to unlock hacked devices. Device owners said their “Find My iPhone” alarm started wailing at the same time. The prompt said the devices were hacked by “Oleg Pliss.”
It’s not clear whether the incidents in Australia and eastern Europe are connected.