New Charger ransomware infiltrates Google Play store

A few days ago, new ransomware pretending to be a battery-saving application has assaulted Google Play website. Security experts regularly have warned users not to download applications from other sources than the mentioned domain. While users try to follow this advice, the bright minds of cyber space again manifested their mastery by exploiting the weaknesses of the domain. It did not take long for them to introduce Android ransomware called Charger [1].

Google Play store is the place where the majority of Android users look for new apps. Being aware of this, cyber villains have disguised their menacing content under the program called EnergyRescue. On its veneer, it looked like an ordinary app helping you to save battery energy. On the inside, it was insidious ransomware spying on users messages and contact list [2]. After acquiring the necessary information, it is transmitted to the secret server monitored by the hackers. Later on, they paralyze users‘ devices and demand ransom in exchange for the re-access.

Ransomware assaults Google Play store

You need to pay for us. Otherwise, we will sell a portion of your personal information on black market every 30 minutes. WE GIVE 100% GUARANTEE THAT ALL FILES WILL RESTORE AFTER WE RECEIVE PAYMENT. WE WILL UNLOCK THE MOBILE DEVICE AND DELETE ALL YOUR DATA FROM OUR SERVER!

Ransomware differs from other versions of Android malware. In previous cases, the malicious payload was delivered through smaller applications. They demanded users to grant administration rights to secretly install the very virus. In this case, the crooks have managed to disguise the corrupted code entirely and avoid the detection of Google Play security tool. What is more, the infection was loaded from encrypted domains in contrast to droppers used to deliver ransomware in previous cases. Another peculiarity is that the ransomware avoids targeting Russian, Belarus and Ukrainian residents. Luckily, Google has already terminated the ransomware [3]. Though Android has been attempting to patch security holes, mobile devices still remain much more vulnerable to virtual infections [4]. Due to rapid modernization of phones, cyber criminals may find a way how to infect users‘ PCs through their phones. All in all, netizens must remain vigilant [5]. Do not overload your device with unnecessary applications. Instead, check every program with a mobile version of the anti-spyware tool and keep the system up-to-date.

About the author
Julie Splinters
Julie Splinters - Anti-malware specialist

Julie Splinters is the News Editor of 2-spyware. Her bachelor was English Philology.

Contact Julie Splinters
About the company Esolutions