Android Simplelocker ransomware encrypts SD card files

[webfact]

Android Simplelocker ransomware encrypts SD card files
By Leo Kelion
Technology desk editor

(BBC) A security firm says it has found the first confirmed case of ransomware that encrypts files held by Android devices.

Eset reports that the Trojan - called Simplelocker - targets SD cards slotted into tablets and handsets, electronically scrambling certain types of files on them before demanding cash to decrypt the data.

The message is in Russian, and payment is requested in Ukrainian currency.

One expert said the threat was noteworthy, but limited at this stage.

Source: http://www.bbc.com/news/technology-27703318


-- BBC 2014-06-05

[Zumteufel]

A consequence of the weak control of the apps in the Google Play Store. As annoying as Apple's requirements are for submitting apps to their app store store, it does have its reasons: One being protecting people (and the stores' reputation, of course).

[matt42]

A consequence of the weak control of the apps in the Google Play Store. As annoying as Apple's requirements are for submitting apps to their app store store, it does have its reasons: One being protecting people (and the stores' reputation, of course).

Where does it say this has anything to do with an application downloaded from the Google Play Store? Actually it specifically mentions the dangers of downloading things not in the operating systems official app stores. Whatever system you use.

[Jonmarleesco]

The rebels must be running short of funds.

[belg]

problem is all kind of malware can be installed by already installed apps , even during an update of your favorite game or whatever...

[Pib]

A consequence of the weak control of the apps in the Google Play Store. As annoying as Apple's requirements are for submitting apps to their app store store, it does have its reasons: One being protecting people (and the stores' reputation, of course).

Guess Apple has tightened up (or not)...here's a story from mid 2012 regarding virus infected app from the Apple Store (also on Google Play)....basically the infected app would steal your contacts data and spam your contacts. Link

[aaacorp]

A consequence of the weak control of the apps in the Google Play Store. As annoying as Apple's requirements are for submitting apps to their app store store, it does have its reasons: One being protecting people (and the stores' reputation, of course).

I'd rather be prudent than being hold hostage of "Daddy's approved it"...by building up your logic you may find China's government more suitable for you...

[KonaRain]

Righto, Tubemate insists You only download updates from their recommended providers..!

Alohzwindow.mod_pagespeed_start = Number(new Date());

A consequence of the weak control of the apps in the Google Play Store. As annoying as Apple's requirements are for submitting apps to their app store store, it does have its reasons: One being protecting people (and the stores' reputation, of course).

Where does it say this has anything to do with an application downloaded from the Google Play Store? Actually it specifically mentions the dangers of downloading things not in the operating systems official app stores. Whatever system you use.

A consequence of the weak control of the apps in the Google Play Store. As annoying as Apple's requirements are for submitting apps to their app store store, it does have its reasons: One being protecting people (and the stores' reputation, of course).

A consequence of the weak control of the apps in the Google Play Store. As annoying as Apple's requirements are for submitting apps to their app store store, it does have its reasons: One being protecting people (and the stores' reputation, of course).

Guess Apple has tightened up (or not)...here's a story from mid 2012 regarding virus infected app from the Apple Store (also on Google Play)....basically the infected app would steal your contacts data and spam your contacts. Link

(function(){var e=window,f=Math,g="round",h="performance";e.pagespeed=e.pagespeed||{};var q=e.pagespeed;

q.getResourceTimingData=function(){if(e[h]&&(e[h].getEntries||e[h].webkitGetEntries)){for(var r=0,s=0,k=0,t=0,l=0,u=0,m=0,v=0,n=0,w=0,p=0,c={},d=e[h].getEntries?e[h].getEntries():e[h].webkitGetEntries(),b=0;b<d.length;b++){var a=d.duration;0<a&&(r+=a,++k,s=f.max(s,a));a=d.connectEnd-d.connectStart;0<a&&(u+=a,++m);a=d.domainLookupEnd-d.domainLookupStart;0<a&&(t+=a,++l);a=d.initiatorType;c[a]?++c[a]:c[a]=1;a=d.requestStart-d.fetchStart;0<a&&(w+=a,++p);a=d.responseStart-d.requestStart;

0<a&&(v+=a,++n)}return"&afd="+(k?f[g](r/k):0)+"&nfd="+k+"&mfd="+f[g](s)+"&act="+(m?f[g](u/m):0)+"&nct="+m+"&adt="+(l?f[g](t/l):0)+"&ndt="+l+"&abt="+(p?f[g](w/p):0)+"&nbt="+p+"&attfb="+(n?f[g](v/n):0)+"&nttfb="+n+(c.css?"&rit_css="+c.css:"")+(c.link?"&rit_link="+c.link:"")+(c.script?"&rit_script="+c.script:"")+(c.img?"&rit_img="+c.img:"")}return""};q.getResourceTimingData=q.getResourceTimingData;})();

(function(){var c=encodeURIComponent,g=window,h="performance";g.pagespeed=g.pagespeed||{};var l=g.pagespeed,m=function(f,a,d,{this.c=f;this.a=a;this.b=d;this.d=b};l.beaconUrl="";

var n=function(f){var a=f.c,d=g.mod_pagespeed_start,b=Number(new Date)-d,a=a+(-1==a.indexOf("?")?"?":"&"),a=a+"ets="+("load"==f.a?"load:":"unload:"),a=a+b;if("beforeunload"!=f.a||!g.mod_pagespeed_loaded){a+="&r"+f.a+"=";if(g[h]){var b=g[h].timing,e=b.navigationStart,k=b.requestStart,a=a+(b[f.a+"EventStart"]-e),a=a+("&nav="+(b.fetchStart-e)),a=a+("&dns="+(b.domainLookupEnd-b.domainLookupStart)),a=a+("&connect="+(b.connectEnd-b.connectStart)),a=a+("&req_start="+(k-e)),a=a+("&ttfb="+(b.responseStart-

k)),a=a+("&dwld="+(b.responseEnd-b.responseStart)),a=a+("&dom_c="+(b.domContentLoadedEventStart-e));g[h].navigation&&(a+="&nt="+g[h].navigation.type);e=-1;b.msFirstPaint?e=b.msFirstPaint:g.chrome&&g.chrome.loadTimes&&(e=Math.floor(1E3*g.chrome.loadTimes().firstPaintTime));e=e-k;0<=e&&(a+="&fp="+e)}else a+=b;l.getResourceTimingData&&g.parent==g&&(a+=l.getResourceTimingData());a+=g.parent!=g?"&ifr=1":"&ifr=0";"load"==f.a&&(g.mod_pagespeed_loaded=!0,(b=g.mod_pagespeed_num_resources_prefetched)&&(a+=

"&nrp="+,(b=g.mod_pagespeed_prefetch_start)&&(a+="&htmlAt="+(d-));l.panelLoader&&(d=l.panelLoader.getCsiTimingsString(),""!=d&&(a+="&b_csi="+d));l.criticalCss&&(d=l.criticalCss,a+="&ccis="+d.total_critical_inlined_size+"&cces="+d.total_original_external_size+"&ccos="+d.total_overhead_size+"&ccrl="+d.num_replaced_links+"&ccul="+d.num_unreplaced_links);""!=f.b&&(a+=f.;document.referrer&&(a+="&ref="+c(document.referrer));a+="&url="+c(f.d);l.beaconUrl=a;(new Image).src=a}};

l.e=function(f,a,d,{var e=new m(f,a,d,;g.addEventListener?g.addEventListener(a,function(){n(e)},!1):g.attachEvent("on"+a,function(){n(e)})};l.addInstrumentationInit=l.e;})();

pagespeed.addInstrumentationInit('http://1-ps.googleusercontent.com/beacon?org=119_1_vo' 'load', '&id=1402014990120769', 'http://www.thaivisa.com/forum/index.php?app=forums&module=ajax&section=topics&do=mqquote&t=731929');

[KonaRain]

multi quote on android ^^

sorry.. mods?

[Pib]

Yeap, the Multi quote function has been messed up for a while...it didn't use to be. It frequently throws all types of chicken scratching characters into a person's post...same thing happens for me.

[Zumteufel]

A consequence of the weak control of the apps in the Google Play Store. As annoying as Apple's requirements are for submitting apps to their app store store, it does have its reasons: One being protecting people (and the stores' reputation, of course).

Where does it say this has anything to do with an application downloaded from the Google Play Store? Actually it specifically mentions the dangers of downloading things not in the operating systems official app stores. Whatever system you use.

Yes, agree - sorry. Recent articles says roughly 0.1% of malware applications are downloaded from the Play Store. Things have obviously improved since last time I checked. Still, Android contributes with 97% of total malware on mobile platforms, so something's wrong somewhere.

[Zumteufel]

A consequence of the weak control of the apps in the Google Play Store. As annoying as Apple's requirements are for submitting apps to their app store store, it does have its reasons: One being protecting people (and the stores' reputation, of course).

I'd rather be prudent than being hold hostage of "Daddy's approved it"...by building up your logic you may find China's government more suitable for you...

Let's keep political censorship and software apart, shall we? The funny thing is, an extremely large percentage of the malware actually comes from Chinese app stores. And I'm not going to defend Apple here; my own application is not accepted in the App Store due to its nature. Loosening up from their side wouldn't hurt. From a security point of view, it benefits the users, though, and that's the context we're in in this thread.

[KonaRain]

Oh, China..

Edited June 10, 2014 by KonaRain