McAfee – a computer software security company – has identified ransomware, hidden in two apps on the Google PlayStore. This malware does not come with its original name. It is hidden in two applications – the applications found with the malware – on the Google PlayStore.
The name of the malware is LeakerLocker and McAfee’s research team discovered it with the identifier Android/Ransom.LeakerLocker.A!Pkg
LeakerLocker threatens to leak the user’s private data such as text messages, browsing history and other sensitive information to the user’s contacts if the user refuses to pay the attacker a ransom of $50.
LeakerLocker was found in two applications on PlayStore – “Wallpapers Blur HD” and “Booster & Cleaner Pro.” Once you download any of these two apps, they will require permission to access lots of information – which they shouldn’t – including messages and other personal data.
How does this app work?
When you download the infected application – “Booster & Cleaner Pro” or the “Wallpapers Blur HD,” the application seems to perform its functions at first. The cleaner-booster application starts as a cleaner and displays data that make it look as though it is really cleaning your android smartphone and boosting its performance.
Once the initiation process is complete on the application, it starts com.robocleansoft.boostvsclean.receivers.BoorReceiver which activates the Alarm Manager on your smartphone, and with other conditions starts a malicious activity com.robocleansoft.boostvsclean.AdActivity.
Once this is done, your home screen will be locked by LeakerLocker. It then begins to access your personal information because you unintentionally granted it permission during the installation of the fake software which contained LeakerLocker.
LeakerLocker claims it can access your personal photos, contact numbers, Facebook messages, phone call history, browser history, GPS location, SMS and email text. But the American computer software security company, McAfee, has made it known that the malware can access the user’s email address, text messages, chrome browsing history, call history, camera, and device information.
Once the process is complete, LeakerLocker will display an interface for the user to pay a ransom of $50 or risk sharing personal information with emails and phone numbers on the device.
McAfee has warned users not to pay the ransom as it will only fund and rapidly increase the production of more malicious applications. But this is a difficult choice to make. Most people who have $50 will pay without thinking twice.
The best is to make sure you don’t download the application. McAfee says they have reported the application to Google. Let’s hope action is taken on time to remove these applications.
This is why I do not have a single antivirus on my smartphone – I’m not saying you shouldn’t. I might get one in the future when it is recommended by a good antivirus company. Some applications really do not perform the actions they claim to perform.
Users of Android devices should be careful about the kind of permission they grant some applications, especially third party applications.