Nowhere is safe from hackers anymore. Just when you thought that it couldn’t get any worse, they had to ruin porn for everyone. We don’t have to keep watch over just pop-ups and random advertisements anymore. We have to add porn to the list. This is because a hacker uses porn to lure people into downloading ransomware.
According to Luka Stefanko, who is a researcher from the antivirus firm ESET, he said that this new ransomware has actually been going around Reddit and the XDA Developers forum. The ransomware called “Android/Filecoder.C”, is hidden inside a porn app.
Updated on 6 December 2024
The Scary Part
The notorious person behind all this has been linking the ransomware within a “sex simulator” app, telling people to try it out. Then, once the users get in on it, the link automatically downloads the malware.
And as if it couldn’t get any worse, the ransomware doesn’t just stop there. It goes through your contact list and sends a message to each of the phone numbers on it.
Each text attempts to trick people to open the link by saying “*insert name here*, why do they have your photo? I thought I should let you know”. But you have to hand it to them, this is a very effective way of getting people to press on the link. I mean, wouldn’t you be concerned if you got a text from your friend saying they saw your face on a sex simulator app?
“To maximize its reach, the ransomware has the 42 language versions of the message template,” Stefanko stated. Talk about preparedness.
After the Infiltration
Once it successfully gains access to your device, it’ll start to encrypt all your personal information. And then, it’ll automatically display a threatening ransom note on the screen. The hacker then demands the victim to pay $94 to $188 in Bitcoin in order to get their data back. If they don’t comply with the demands, then all the data will be permanently deleted in 72 hours.
A Silver Lining
The good news is, Stefanko happened to report that there are some flaws in the hacker’s tactics. “According to our analysis, there is nothing in the ransomware’s code to support the claim that the affected data will be lost after 72 hours,” Stefanko stated.
And, there is no reason for the affected people to be scared because there is a way for them to get their data back without paying up. If you look through the coding, you can actually find the decryption key that you need for the job. And, it is the same in all Android/Filecoder.C.
Stefanko elaborates that “due to narrow targeting and flaws in both execution of the campaign and implementation of its encryption, the impact of this new ransomware is limited,” he said. “However, if the developers fix the flaws and the operators start targeting broader groups of users, the Android/Filecoder.C ransomware could become a serious threat.”
This devious act has been in play since July 12. And even though the link was clicked on about 59 times, the Bitcoin account that was set to accept the ransom still hasn’t received anything.