LeakerLocker ransomware uses shame as a weapon.
We are all too used to seeing ransomware attacks. These attacks generally operate in the same way: they take away the user’s access to their files and devices, and demand a ransom to restore it. This can be done by locking down the device or, more recently, by encrypting the files on the device. Now there’s a new method with LeakerLocker. This malware doesn’t threaten to destroy the files; it threatens to share them.
LeakerLocker was found by security researchers at McAfee hiding within two apps on the Google Play Store. The two apps are Wallpapers Blur HD and Booster & Cleaner Pro. Both apps now appear to have been removed from the Google Play Store. While informed users should have been extremely cautious of a wallpaper app requesting the permissions the ransomware requires, users would generally expect a cleaner app to require additional permissions.
Once it is installed and its permissions are granted, LeakerLocker goes to work. It locks the user’s home screen and runs in the background. The malware tells the user that it has accessed the user’s information and uploaded it to the attacker’s cloud, and that if a $50 ransom is not paid, the information will be shared with every contact in the user’s phone. This information includes personal photos, contact numbers, sent and received SMS messages, phone call history, Facebook messages, browser history, full email texts, and GPS location history.
In McAfee’s tests, the malware didn’t really do what it threatened. While much of this information was accessed, apparently in order to get counts to frighten the user, not all the information was actually read, and nothing was uploaded to any cloud. This should be comforting to victims. However, the malware could be used to carry out these actions if the attacker sends the command to do so.
As always, take care when installing new applications. If an application is asking for permissions it really shouldn’t need, think twice before granting those permissions.
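One way to put that permission check into practice, as an added example that is not from McAfee or the original article: the script reads the permission list of an APK in the text form printed by `aapt dump permissions` and reports which of the data categories named in the ransom note the app could reach. The category-to-permission mapping, the function names and the sample dump (including the package name) are assumptions constructed for illustration.

```python
import re

# Assumed mapping (not from the article): data categories named in the ransom
# note -> standard Android permissions that gate them. Facebook messages and
# email bodies have no single platform permission and are not covered here.
CATEGORY_PERMISSIONS = {
    "contact numbers": {"android.permission.READ_CONTACTS"},
    "SMS messages": {"android.permission.READ_SMS"},
    "phone call history": {"android.permission.READ_CALL_LOG"},
    "personal photos": {"android.permission.READ_EXTERNAL_STORAGE"},
    "GPS location": {"android.permission.ACCESS_FINE_LOCATION",
                     "android.permission.ACCESS_COARSE_LOCATION"},
    "browser history": {"com.android.browser.permission.READ_HISTORY_BOOKMARKS"},
}

# Accepts both `uses-permission: name='X'` and the older `uses-permission: X`.
_PERM_RE = re.compile(
    r"^\s*uses-permission(?:-sdk-\d+)?:\s*(?:name=)?'?([\w.]+)'?", re.MULTILINE)

def parse_permissions(dump):
    """Return the set of permission names requested in an aapt permission dump."""
    return set(_PERM_RE.findall(dump))

def unexpected_categories(dump, expected=()):
    """Map each sensitive category the app can reach, and that the reviewer did
    not expect for this kind of app, to the requested permissions granting it."""
    requested = parse_permissions(dump)
    findings = {}
    for category, perms in CATEGORY_PERMISSIONS.items():
        hit = requested & perms
        if hit and category not in expected:
            findings[category] = sorted(hit)
    return findings

# Constructed sample: a hypothetical wallpaper app, not a real package.
SAMPLE_DUMP = """package: com.example.wallpaper
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.SET_WALLPAPER'
uses-permission: name='android.permission.READ_EXTERNAL_STORAGE'
uses-permission: name='android.permission.READ_CONTACTS'
uses-permission: name='android.permission.READ_SMS'
uses-permission: name='android.permission.READ_CALL_LOG'
uses-permission: android.permission.ACCESS_FINE_LOCATION
"""

if __name__ == "__main__":
    # A wallpaper app plausibly needs photo access; everything else is flagged.
    for cat, perms in unexpected_categories(SAMPLE_DUMP, {"personal photos"}).items():
        print(f"unexpected access to {cat}: {', '.join(perms)}")
```

The `expected` argument is where the reviewer encodes what the app category plausibly needs, which is the judgement the article asks users to make before granting permissions.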