Security Analyst – Jeff Soehner CISSP, GXPN,GPYC,GMOB,GCIH

Just when you though it was safe to use your android smart phone there are several vulnerabilities you should be aware of (great now I need to monitor and patch my cell phones too? – yes Virginia, just one more thing you need to do this week).

There are reported connections from a Command and Control server (C2) located in Canada and Germany for a new ransomware for your phone that impersonates the FBI. Claiming that it detected pornographic images on your phone this message asks you to pay a fine of $500 and as proof it shows you a picture of yourself (taken with a front facing camera) and your Internet IP address of the phone (everyone has a data plan nowadays right?)

Using a hidden feature of your phone, it can wake your device out of idle and report in to a C2 every minute without any sign that it is doing so (you might be noticing that your battery life has gotten quite poor, this would probably require additional power). It will also give the attackers a way to connect to your device using a backdoor.

Read more about it here – http://blog.fortinet.com/post/locker-an-android-ransomware-full-of-surprises

Edit: This is just another variant of the same ransomware family reported earlier this year. (See here). Unfortunately there is no Anti Virus for mobile phones that have heuristic scanning so don’t rely on anything you have installed to protect you from these types of attacks.