Home News Android Ransomware Asking for Bitcoin Using Text Messages to Spread

Android Ransomware Asking for Bitcoin Using Text Messages to Spread

Aug 8, 2019

A new Android ransomware has been found by ESET and this particular ransomware is utilizing text messages in order to spread. Although the ransomware has been active for about a month now, ESET is just releasing more details on how this type of malware works. Anyone in your contacts list could be used to spread the malware through the text messaging option. Read on to learn more about this ransomware, such as how it works, and how it might affect you.

Newest Android Ransomware Spreads Through Text Messages

ESET is warning people that a new ransomware is able to spread using your contacts list and sending out text messages. The actual name for this type of ransomware is Android/Filecoder.C and a thread on Reddit was where it was first distributed online. Pornographic posts on Reddit were how this malware began and the sexual theme is a huge part of this ransomware.

ESET said that most of the time Android/Filecoder.C is found through a fake online sex simulation game, although tech-related apps also have been found to contain this ransomware. After you have downloaded the APK file that’s infected, it will connect to a server and access various addresses.

This ransomware can decrypt files and encrypt files all in the background, so you don’t know this is happening. You won’t be able to access files on your Android device because the malware will encrypt all of your files using an extension. It will also send out text messages and then put your contacts at risk too.

Android Ransomware Requires a Bitcoin Payment

One specific quality of this ransomware is that it will tell you that in order for your files to be decrypted again, you will need to pay a ransom using Bitcoin. The ransom itself can be $90 or it can be up to $200, so the price varies.

This malware can pop up a message in one of 42 different languages. Using this many languages for the ransomware increases the reach of the ransom itself. What’s really weird about this ransomware is that it can detect what language your system is on and choose the language to send out the message so that you can read it.

If you do pay the ransom using Bitcoin, you will get a private key sent to you which allows you to decrypt your files. We also know that the ransomware can send text messages to those on your contacts list, and it will send a link to a certain app using the photos of the recipient. The message will say that your photos are being used on an app, then give you the link to the supposed app. There is a lot of deception here since it’s not a normal app it’s the ransomware acting as an app. A bit.ly link is sometimes used during the text messaging too.

Don’t Pay Bitcoin Ransom Found in Newest Android Ransomware

What we want to tell you is that it’s never a good idea to pay the ransom if you find yourself in this situation or something similar. ESET said that it’s not always true that the files are deleted within 72 hours as the message states. You also can recover your encrypted files utilizing other methods, so there’s no need to pay the hacker to unlock your files. If the few flaws are fixed in this malware, ESET does warn that it could quickly become a more serious issue.

As with almost all of the Android malware out there, the best way to prevent these situations is to not open or download any third-party apps. You also don’t want to just click links in your text messages either, even if someone claims to have seen your photos online in an app somewhere.

You can’t always trust that your contacts are safe, due to malware like this one using your contacts list for the purpose of sending it out to other people. If you are concerned about clicking a link someone sent you, get in contact with them and ask them if they sent you the link on purpose.