Android Ransomware Disguises as the NSA

September 3, 2015 at 1:36 pm By

If you’re an Android user and you’ve gotten a strange message from the NSA demanding money in return for decrypting your personal files, chances are you had a run-in with an intelligent piece of ransomware that isn’t smart enough to realize that using PayPal as a method of paying a fine is a bit too fishy.

“The updated version of Simplocker masquerades on app stores and download pages as a legitimate application, and uses an open instant messaging protocol to connect to command and control servers,” reports Ars Technica.

“The malware requests administrative permissions to sink its hooks deep into Android. Once it’s installed, it announces itself to some victims by telling them it was planted by the NSA—and to get their files back, they’ll have to pay a ‘fine.’”

Many of you would laugh at a message asking you to pay a fine via PayPal, but surprisingly enough, the report stated that people have already paid hundreds of thousands of dollars to get their falsely encrypted files back. There are still a select few people who don’t realize that analyzing e-mails or ransomware messages could save them from being scammed.

“Ofer Caspi of Check Point’s malware research team estimates that the number of infected devices so far is in the tens of thousands, but may be much higher,” according to Ars Technica.

“Because the software can’t easily be removed once it is installed, and because the files it encrypts can’t be recovered without it, victims have no choice but to either pay $500 to get their files decrypted or to wipe the device and start from scratch.”

The article also states that the ransomware might be spreading to many more devices. If you see the message, don’t pay the fake fine.

Read the full story.