Security News > 2020 > April > Android ransomware attack spoofs the FBI with accusation of pornography
The attack accuses victims of possessing pornography, encrypts all files on the device, and then instructs them to pay a fine to unlock the data, according to Check Point Research.
After a successful infection on an Android device, Lucy encrypts files and then displays a ransom note in a browser window.
Beyond encrypting the data and locking the device, the attacker warns that the details of this offense have been sent to the FBI Cyber Crime Department's Data Center.
Masquerading as regular video player apps, these samples are able to control infected devices by exploiting the Android accessibility service, which is designed to assist people with disabilities by automating certain user interactions.
"Mobile malware is more sophisticated, more efficient. Threat actors are learning fast, drawing from their experience of past campaigns. The FBI mimic is a clear scare tactic. Sooner or later, we anticipate the mobile world will experience a major destructive ransomware attack. It's a scary but very real possibility. We urge everyone to think twice before accepting or enabling anything while browsing videos on social media."
News URL
Related news
- FBI disrupts the Dispossessor ransomware operation, seizes servers (source)
- FBI Shuts Down Dispossessor Ransomware Group's Servers Across U.S., U.K., and Germany (source)
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Most ransomware attacks occur between 1 a.m. and 5 a.m. (source)
- New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data (source)
- Lateral movement: Clearest sign of unfolding ransomware attack (source)
- BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave (source)