It’s only been two days since we met the latest malware case lurking on Android, but the hackers do not dismantle, and now they’ve come back to our favorite operating system to hijack our most sensitive data.
In this case, the malware in question is a ramsonware, malicious software capable of restricting access to data stored in the device, and then require the user an economic rescue in order to recover them.
Check Point, the company specialized in computer security has discovered this malicious app in Google Play under the name of Energy Rescue, that supposedly would improve the life of our battery. At the moment it is known that the malware has only affected a device, although it is not ruled out the possibility of discovering new victims with the passage of days.
According to the report developed by Check Point, once downloaded the application, which is no longer on Google Play, the malicious program is able to access sensitive device information such as SMS or stored contacts. In case you are able to access this data, a message would appear on the screen where you could read the following:
You have to pay us, otherwise we will sell some of your personal information on the black market every 30 minutes. WE GIVE 100% WARRANTY THAT ALL FILES WILL BE RESTORED AFTER RECEIPT OF PAYMENT. WE WILL UNLOCK THE MOBILE DEVICE AND WILL DELETE ALL YOUR DATA FROM OUR SERVER! DELETING YOUR PHONE WILL NOT CHANGE, ALL YOUR DATA ARE STORED IN OUR SERVERS! WE CAN STILL SELL YOU FOR SPAM, COUNTERFEIT, BANK CRIME, etc … We collect and download all your personal data. All the information about your social networks, bank accounts, credit cards. We collect all the information about your friends and family.
There is not much left to explain after reading this notice. However, as indicated in Check Point, in such a case it is never advisable to follow the warnings of the hackers, much less make the payment indicated which in this case would amount to 0.2 Bitcoins, a figure Equivalent to 180 dollars because we have no guarantee that we will recover the hijacked data.
As I commented, fortunately Check Point was able to report this malware to Google before it could expand, and today the application is no longer in the Google Play Store.