ANDROID USERS READ
Fri May 09, 2014 12:14
Android porn browsers warned to watch out for Koler.A ransomware
BitDefender claims new malware is the work of gang behind existing Reveton / IcePol network, but it's removable
Pornography users have long been targets for malware, and those using Android devices are no exception, according to a new report from security firm BitDefender.
It claims to have identified a new piece of ransomware – a category of malware that attempts to restrict victims' access to their device and/or files until they pay a ransom – called Android.Trojan.Koler.A.
It infects devices when their owners are browsing certain porn sites. "As the user browses, an application that claims to be a video player used for premium access to pornography downloads automatically," explained BitDefender in a blog post.
The company believes this new malware is the work of the gang behind the Revetol / Icepol trojan, which infected hundreds of thousands of PCs in 2012 and 2013. "It was just a matter of time until the highly prolific gang behind the Reveton / IcePol network made a move on Android," it suggests.
Android.Trojan.Koler.A isn't quite the same as Reveton / IcePol, because it can't install itself on someone's Android device: they have to have enabled sideloading in their settings, then tap an 'Install' button when prompted to install what they think is a video player.
Once installed, it identifies its victim's location and shows them a webpage with a warning in their language: "Attention! Your phone has been blocked up for safety reasons listed below. All the actions performed on this phone are fixed. All your files are encrypted. CONDUCTED AUDIO AND VIDEO".
The page also claims that they have "violated World Declaration on non-proliferation of child pornography" as well as flouting copyright infringement laws, warning of possible jail terms for both. And then it tries to charge a $300 ransom to remove the threat.
"The bad news is that by the time you see the message, the bad guys already have your IMEI on file," said BitDefender's chief security strategist Catalin Cosoi, who also noted that Koler.A doesn't have the necessary permissions to actually encrypt victims' files.
"The good news is that Koler.A can be easily removed by either pressing the home screen and navigating to the app, then dragging it on the top of the screen where the uninstall control is located, or by booting the device in safe mode and then uninstalling the app."
The blunt solution: don't visit porn sites on your Android device that ask you to download a premium video player. But if you do catch this particular strain of malware, don't be taken in by its threats.
BitDefender is concerned that there may be more to come from its developer. "The Android version of Icepol might be a test-run for cyber-criminals to see how well this type of scam can be monetised on mobile platform," said Cosoi.
"If this is the case, we should expect much more sophisticated strains of ransomware, possibly capable of encrypting files, to emerge shortly."
Android.Trojan.Koler.A is not the first example of ransomware on Android though. In June 2013, security firm Symantec discovered Android.Fakedefender, which also threatened to lock up Android devices once infected.
That September, it identified another strain from the same developers, Android.Fakedefender.B, which tried to charge victims $100 to unlock their device.
STAY SAFE, READ THIS
1. Be cautious when installing apps
Using the Google Play Store to download apps (or Amazon’s Appstore if you own one of its devices) already makes you among the more secure tiers of Android users – many dodgy apps are distributed through third-party Android app stores rather than the official ones.
Still, it’s best to exercise caution, especially when you happen upon what looks like a brand new version of a popular game. Candy Crush Saga, Angry Birds, Clash of Clans… fake versions of these regularly appear, so if something sets off warning bells (Candy Crush Saga 2, anyone?) it’s worth googling its title and checking its developer’s website to see if it’s a fake.
Also, read the reviews on the Google Play store – a surfeit of one-star reviews is a sign that something's wrong – and check the permissions that an app asks for before you install it. If anything here sets off warning bells – or simply makes you uncomfortable – it's a good prompt to walk away.
2. Watch out for phishing / SMS
Security on Android isn't just about the apps that you install on your phone. As with any device – Android or otherwise – be on your guard for phishing, sites that try to get you to enter personal data and/or credit card details. Text messages and emails can all be phishing methods, and just because you're on your phone doesn't make them less dangerous.
Combating phishing on Android isn't so different from on your computer: useful advice from the Citizens Advice Bureau, Microsoft and Symantec will get you up to speed, while an additional tip is to never tap on a link in a text message from someone you don't know – even if it looks like a company you do business with.
3. Lock screen security
Another point that applies to every smartphone OS, not just Android. Have you got your device's lock-screen settings sorted, so that if it gets stolen, the thief can't access your apps and data? Google’s default settings will see you fair, but there are some third-party apps that take interesting and unusual spins on unlocking the phone.
Picture Password Lockscreen, for example, gets you to unlock your phone by drawing points, lines and circles on any image you like. ERGO scans your ear and then gets you to unlock the device by holding it up to said lug. Fingerprint Scanner LockScreen is a cheeky Android equivalent of Apple’s iPhone 5s’ Touch ID – it pretends to scan your fingerprint, but really it’s just measuring how long your thumb rests on the screen.
4. Consider anti-virus software
If you'd still like to take the extra step of installing anti-virus software – or if you're thinking of putting it on the device of someone else (an older parent, for example) – a number of options are available from the big names of the security world.
AVAST Software's Mobile Security & Antivirus, Bitdefender's Mobile Security & Antivirus, Lookout Security & Antivirus, Kaspersky Internet Security, Trend Micro's Mobile Security & Antivirus, Norton Security antivirus and McAfee Antivirus & Security all have four-star-plus ratings on Google play from thousands of reviewers, with the competitive market meaning they add new features regularly.
Which you choose depends more on which you've used on your computer before, but all offer a good level of security if you're concerned.
5. Consider a parental control app
You can follow many of the steps above, but can your children if they’re using your device, or have their own Android tablet and/or smartphone? A number of companies are trying to help with this challenge too, with parental control software capable of ensuring children don’t install apps that they shouldn’t, or compromise data on a shared device.
Kids Place, Famigo, MMGuardian and Norton Family are four of the most popular examples, with varying features to control what apps are installed, what sites are being visited, and to set time limits on usage – and in some cases, add time as a reward for good behaviour.
Alternatively, you could spend a bit of time getting to grips with Android’s default features to set up different user profiles on a tablet, and make some of them restricted – found via the users option in your settings menu. But parenting skills are also important here: talking to your children about safe usage of their Android device is as important as trying to lock it down for them.
You can surf for porn on a cell phone now ?? I thought they were just for meeting your connection and ordering pizza's i'll be damned....
Nice Post Bro
Mon Jun 16, 2014 00:36