Ransomware is a tricky piece of malware that locks down the precious files located on a victim’s computer, then (in theory) returns access to them once a ransom has been paid. Depending on the files stored on the computer, a victim might simply blow it off and not worry too much about losing access to a couple of pictures or videos. But what if this ransomware threatened to expose your web browsing history?
Would you pay money to keep your browsing history secret? This is the key point behind a new ransomware called LeakerLocker. LeakerLocker, an Android-exclusive variant of ransomware, attempts to extort money from its victims by threatening to expose their mobile device’s browser history. It seems like a simple choice to make: $50 to keep your browsing history private. Other information claimed to be stolen includes photos, videos, Facebook messages, location history, and other sensitive data.
In essence, this ransomware uses the fear of embarrassment to get its victims to fork over some cash.
Discovered by researchers at McAfee, LeakerLocker doesn’t appear to actually encrypt any information found on the device, which sets it apart from the typical ransomware variant. Instead, LeakerLocker claims that it has taken a backup of the data on the device, and it uses that claim to threaten the user. Users have contracted this ransomware by downloading two apps from the Google Play Store, both of which have since been removed: Wallpapers Blur HD and Booster & Cleaner Pro.
LeakerLocker asks for an incredible number of permissions on your device, including the ability to read and send messages, manage calls, and access contacts. It then locks down the device and places a ransom message on the lock screen. Since users grant LeakerLocker these permissions at the time of downloading, it gains access to information which it uses to convince victims that they must pay the ransom. Whether or not it has stolen all of the information it claims to is another story altogether, but it’s been found that the ransomware can access information like email addresses, browser history, text messages, calling history, and even pictures from the camera.
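For readers who vet apps before allowing them on company devices, the permission mismatch described above can be checked mechanically. The following is an added example, not code from McAfee or from the original article: it assumes the app's manifest has already been decoded to text XML, and the permission list, the threshold of three, and both sample manifests are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Assumed mapping: capability named in the article -> standard Android permission.
SENSITIVE = {
    "android.permission.READ_SMS": "read messages",
    "android.permission.SEND_SMS": "send messages",
    "android.permission.CALL_PHONE": "manage calls",
    "android.permission.READ_CALL_LOG": "calling history",
    "android.permission.READ_CONTACTS": "access contacts",
}

def audit_manifest(xml_text, threshold=3):
    """List sensitive permissions in a decoded manifest; flag at the threshold."""
    root = ET.fromstring(xml_text)
    requested = set()
    # Both tags can declare permissions in an Android manifest.
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for el in root.iter(tag):
            name = el.get(ANDROID_NS + "name")
            if name:
                requested.add(name)
    hits = sorted(p for p in requested if p in SENSITIVE)
    return {
        "package": root.get("package"),
        "sensitive": hits,
        "capabilities": [SENSITIVE[p] for p in hits],
        "flagged": len(hits) >= threshold,  # hypothetical review threshold
    }

# Constructed sample: a wallpaper app asking for far more than wallpapers need.
OVERREACHING = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.wallpaper">
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
</manifest>"""

# Constructed sample: the same kind of app requesting only what it plausibly needs.
MODEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.plainwallpaper">
  <uses-permission android:name="android.permission.SET_WALLPAPER"/>
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    print(audit_manifest(OVERREACHING), audit_manifest(MODEST))
```

A flagged result is a prompt for a closer look, not proof that an app is malicious; plenty of legitimate messaging and dialer apps need these same permissions.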
As is the case with ordinary ransomware, it’s best to not pay the ransom. After all, any money that’s sent to hackers who have locked down your device is funding their next campaign, something that you don’t want on your conscience. Furthermore, there is no guarantee that you’ll even get your data back, so there is no reason to assume you will.
For more information on how to stay safe online, be it on a desktop or a mobile device, reach out to Symmetric Engineering Group at (813) 749-0895. We can help your organization implement solutions that minimize the risk of running into malicious applications.