If you own an Android device, there’s a new threat to be at least moderately concerned about. It takes the form of a new ransomware family that spreads from one victim to the next with text messages that contain poisoned links to every contact on an infected device.
The ESET research team that found the software had this to say about it:
“Due to narrow targeting and flaws in both execution of the campaign and implementation of its encryption, the impact of this new ransomware is limited.
If your system is infected, the first thing it will do is raid your contacts list and send SMS text messages to everyone on it. Anybody who clicks on the link in the SMS message will also be infected.
After sending a flurry of messages, the malware will turn its attention to your device itself. It will then set about the task of encrypting most of the files on your device. Fortunately, the people behind this new threat prove themselves to be new to the game.”
“After the ransomware sends out this batch of malicious SMSes, it encrypts most user files on the device and requests a ransom. Due to flawed encryption, it is possible to decrypt the affected files without any assistance from the attacker.”
All in all, this issue is only of minor concern. It’s annoying, and certainly time-consuming to restore your files. However, it’s not an especially dangerous malware strain – yet, and that’s the problem.
Whoever is behind this new threat certainly has the right idea, even if they lack the technical chops to pull it off. Skills, however, can be learned and honed. As a first try, this effort is disturbing because it’s clever. The moment the people who wrote the code get the technical skills to pair with that cleverness, they’re going to be genuinely dangerous.