Cybersecurity Insiders has learned that a new ransomware variant called ‘LeakerLocker’ is being circulated by hackers on Google Play store from past few weeks. And security researchers from McAfee discovered that the said malware has the potential to leak the images of the victim’s phone onto the web if a ransom of $50 isn’t paid.
Yes, what you have read is true! Researchers from McAfee say that the ransomware is currently being circulated through two fake apps available on play store. Experts say that these apps are actually malicious as they collect sensitive data from the device and then present the user with a ransom demand on the lock-screen. The ransomware demand may vary depending upon the data which has been held as a hostage.
Researchers say that two apps named Wallpapers Blur HD and Booster & Cleaner Pro are being loaded with malware. And as soon as an Android device user downloads these apps, the malware comes as an add-on or free gift to them.
Technically, LeakerLocker locks the home screen and gains access to the private information such as emails, random contacts, chrome history, images, video files, text messages, and calls. It then picks up some images and screen shots of browsing history from the victim’s phone and then displays them in thumbnail format on the lock screen along with a message which says that all the data from the phone has been uploaded to a secure cloud storage and will be leaked to your friends, or web or a public domain if a ransom of $50 isn’t paid within 72 hours.
Fernando Ruiz and ZePeng Chen, analysts from McAfee say that hackers will ask the victim to pay the ransom through a credit card. If the ransom is received, then they send a message to the victim’s phone which says that the payment has been received and all the uploaded data will be cleaned up from their servers. If the victim fails to react, the hackers say to the victim that their phone data will be made public.
The whereabouts of the hackers are still unknown and researchers aren’t sure that the data stored on remote servers is actually cleared in real when the ransom is paid,
