Click to Skip Ad
Closing in...

Creepy new Android ransomware installs itself, demands payment in iTunes gift cards

Updated Dec 19th, 2018 9:16PM EST
Android Ransomware Cyber Police iTunes

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

This brand new Android threat might not affect a large number of users, but it deserves some attention considering its ingenuity. Unlike other malware threats that need to fool the user to install them, this new ransomware-like attack does it automatically, without the owner of the handset knowing what’s happening. Ironically, after locking down the handset, the program demands payment in iTunes gift cards. But thankfully, there is a way to deal with it.

DON’T MISS: Incredible drag race video pits Tesla Model X against a Ferrari F430

Discovered by Blue Coat, the malware masquerades as a warning from the U.S. government’s intelligence agencies, and installs itself after users visit certain compromised websites, including porn domains.

Once installed, the program stops all apps and prevents the user from doing anything with the device until a payment of $200 in iTunes gift cards is completed. Luckily, unlike computer ransomware, this program does not encrypt data. That means you can retrieve your personal information by connecting the handset or tablet to a PC. Once that’s done, simply performing a factory reset would remove the threat as all data from the device is wiped out.

It’s not clear how many users the malware has affected so far, but it was first discovered in late February. Identified Cyber.Police publicly and “net.prospectus” internally, the malware works on Android devices running Android versions between 4.0.3 and 4.4.4, which means millions of devices may be exposed to the attack.

Even if you get rid of this type of malware strain, make sure you avoid shady website in the future and use a different browser than the default one that’s installed on your device. These older smartphones, tablets and other gadgets operating Ice Cream or Jelly Bean versions of Android may not be updated to more secure Android builds, which means they might be susceptible to the attack in perpetuity as Blue Coat explains.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.