Ransomware on Android: It was only a matter of time

Malware called Android.Fakedefender pretends to be antivirus software while locking up your smartphone until you pay the 'registration fee'

Cybercriminals have unleashed a nefarious new attacks on Android users, according to Symantec. Malware dubbed Android.Fakedefender purports to be antivirus software -- but that really just locks up the infected device until the user hands over a payment for the "full version" of the "security app." This type of ransomware has become increasingly common on PCs, and it was just a matter of time before it reared its ugly head on Google's highly targeted mobile platform.

Bad guys are packaging Android.Fakedefender inside of relatively legit-looking Android apps, such as software that pretends to be used for making "free calls" on Skype. (According to a Symantec spokesperson, the malware isn't being delivered via apps available in Google Play.) Once installed, the app claims to have found an array of viruses on the infected smartphone. The user may then choose to register the fake antivirus software to remove all the threats.

If a user declines, things can turn ugly. The amount of havoc the malware can wreak varies from device to device, given Android's widespread fragmentation. Beyond continuing to deliver fake infection warnings, including pretending to find a cache of porn files on the device, the malware can prevent other apps from being launched. It can cause the device to crash and can change operating system settings.

And in some cases, users may not even be able to perform a factory data reset on the device, according to Symantec employee Joji Hamada. "If they are lucky, some users may be able to perform a simple uninstall due to the fact that the app may crash when executed because of compatibility issues."

Not surprisingly, Symantec recommends that users install a mobile security app to protect their devices. What's more, the company urges users to only download and install apps from trusted sources.

This story, "Ransomware on Android: It was only a matter of time," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest developments in business technology news, follow InfoWorld.com on Twitter.

Copyright © 2013 IDG Communications, Inc.

How to choose a low-code development platform