Ransomware is a class of malicious applications designed to extort money from users by disabling important system functionality or by encrypting their personal files. According to Symantec, Malware known as Android.Fakedefender appears to be a antivirus software but it just locks up the infected device until the user hands over a payment for the “full version” of the app. The so called antivirus software, dubbed Fakedefender, is the first ransomware Symantec has found for a mobile device.
The Android-targeting malware was found early this month hidden in a variety of apps available in online stores aimed at English speakers in several countries but the software was not seen on Google’s official Android store, Google Play. The ransomware is packed inside of a legit-looking Android apps, such as software that pretends to be used for making “free calls” on Skype.Once installed, the app claims to have found viruses. The user may then choose to register the fake antivirus software to remove all the threats. If a user declines, the amount of havoc the malware can create varies from device to device. Because of its instability, the malware can cause the Android operating system to crash or it can lock up the smartphone so no application, including the malware will work. Beyond continuing to deliver fake infection warnings, including pretending to find a cache of porn files on the device, the malware can prevent other apps from being launched. It can cause the device to crash and can change operating system settings.The app could interfere with other apps, and users may not be able to uninstall at all. The operating system can also be affected and for some, a factory reset won’t even be possible, meaning a hard reset will be necessary.Why would a user make a payment? Wouldn’t such a message appear suspicious? In an interview with Mobile Enterprise, Liam O’Murchu, Manager of Operations, Symantec Security Response, said that users may initially think it’s a legitimate app. Some may be worried that they do have explicit material on their phones and others may just want the phone’s functionality back and give in out of inconvenience. Making that one-time payment is like rolling the dice. The pop-up simply goes away, or nothing happens at all.