Jump to content

Invite Scene - #1 to Buy, Sell, Trade or Find Free Torrent Invites

#1 TorrentInvites Community. Buy, Sell, Trade or Find Free Torrent Invites for Every Private Torrent Trackers. HDB, BTN, AOM, DB9, PTP, RED, MTV, EXIGO, FL, IPT, TVBZ, AB, BIB, TIK, EMP, FSC, GGN, KG, MTTP, TL, TTG, 32P, AHD, CHD, CG, OPS, TT, WIHD, BHD, U2 etc.

LOOKING FOR HIGH QUALITY SEEDBOX? EVOSEEDBOX.COM PROVIDES YOU BLAZING FAST & HIGH END SEEDBOXES | STARTING AT $5.00/MONTH!

Koler Android Ransomware Learns to Spread via SMS


Crypto

Recommended Posts

 
ANDROID-MALWARE.jpg
Users of Android operating system are warned of a new variant of Android malware Koler that spreads itself via text message and holds the victim’s infected mobile phone hostage until a ransom is paid.
 
Researchers observed the Koler Android ransomware Trojan, at the very first time, in May when the Trojan was distributed through certain pornographic websites under the guise of legitimate apps. It locks the victim’s mobile screen and then demands money from users with fake notifications from law enforcement agencies accusing users of viewing and storing child pornography.
 
ANDROID SMS WORM
Recently, researchers from mobile security firm AdaptiveMobile has discovered a new variant of the rare piece of mobile malware – named Worm.Koler â€“ that allows the malware to spread via text message spam and attempts to trick users into opening a shortened bit.ly URL, turning Koler into an SMS worm.
 
 

Once the device is infected by the Koler variant, it will first send an SMS message to all contacts in the device's address book with a text stating, "Someone made a profile named -[the contact's name]- and he uploaded some of your photos! is that you?" followed by a Bitly link, according to the security firm.
 
When a victim clicks on the Bitly link, he or she is then redirected to a Dropbox page with a download link for a 'PhotoViewer' app that, if installed, will push a ransom screen to pop up incessantly on the users' screen. The ransom message reads that the device has been locked up because of having illicit content and users must pay $300 via MoneyPak to 'wave the accusations.'

"

The device appears to be completely locked down with the screen on the phone blocked, so the user won't be able to close the window, or deactivate the malware through the app manager,

" reads the 

blog post

. "

The victim is forced to buy a voucher as instructed on the blocking page, and send the voucher code to a malware author

."

INFECTION SPREADING RAPIDLY
The Worm.Koler is capable of displaying localized ransomware messages to users from at least 30 countries, including the U.S., where three quarters of the latest Koler variant infections were seen by the firm, and smaller number of infections were also being detected in parts of the Middle East.

"

Due to the Worm.Koler's SMS distribution mechanism, we are seeing a rapid spread of infected devices since the 19th of October, which we believe to be the original outbreak date

," the blog post states. "

During this short period, we have detected several hundred phones that exhibit signs of infection, across multiple US carriers. In addition to this, other mobile operators worldwide—predominantly in the Middle East, have been affected by this malware.

"

HOW TO PROTECT YOURSELF
If users suspect they are infected by the malware, they should never authorize any payment as it won't guarantee the unlocking of your device, as well as it will further encourage cyber criminals to carry out such ransomware practices again and again.
 
Koler does not encrypt files, according to the security firm, therefore it becomes easy for users to eliminate the threat from their infected devices by following two simple steps:
 
  • Reboot your phone in the "Safe Mode"
  • Remove the 'PhotoViewer' app using standard Android app uninstallation tool
In order to protect yourself from such threats in future, the best practice is to have the "Unknown Sources" option turned off in your Android device' security settings menu. Turning off of this option won't let users to install applications from unknown sources, but only from the official Google Play store.
 
                                Add Rep and Leave a feedback
                    Reputation is the green button in the down right corner on my post

 

  • Upvote 2

do you understand            if you having fun?                  it's a rising sun                           it's a man killing                              what's that feelin'

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Check out what our members are saying

  • Our picks

×
×
  • Create New...