New Android Ransomware Threatens to Send Your Internet History & Private Pics to All Your Friends

thehackernews.com/2017/07/leakerlocker-android-ransomware.html

>After WannaCry and Petya ransomware outbreaks, a scary (but rather creative) new strain of ransomware is spreading via bogus apps on the Google Play Store, this time targeting Android mobile users.

>Dubbed LeakerLocker, the Android ransomware does not encrypt files on victim's device, unlike traditional ransomware, rather it secretly collects personal images, messages and browsing history and threatens to share it to their contacts if they don't pay $50 (£38).

>Researchers at security firm McAfee spotted the LeakerLocker ransomware in at least two apps — Booster & Cleaner Pro and Wallpapers Blur HD — in the Google Play Store, both of which have thousands of downloads.

>To evade detection of malicious functionality, the apps initially don’t contain any malicious payload and typical function like legitimate apps.

>But once installed by users, the apps load malicious code from its command-and-control server, which instructs them to collect a vast number of sensitive data from the victim's phone — thanks to its victims granting unnecessary permissions blindly during installation.

>The LeakerLocker ransomware then locks the home screen and displays a message that contains details of the data it claims to have stolen and holds instructions on how to pay the ransom to ensure the information is deleted.

Other urls found in this thread:

developer.android.com/training/permissions/requesting.html
m.apkpure.com/booster-cleaner-pro/com.cropyapps.boostercleanerpro
m.apkpure.com/wallpapers-hd-blur-pro/com.wallpapersnew2017.blurhdpro
twitter.com/AnonBabble

Why is android so insecure lads?

android a shit

>Google Play Store
F-Droid doesn't have this problem.

And I thought Google used AI to scan the code of Apps before they allow it on their store?

>download some random app for teh lulz
You deserve this shit

Did you even fucking read it? Kill yourself dipshit

Any app that is allowed to access this information should raise red flags. Even if the code is injected to gather it later on. There’s still a function that allows for code injection, which should raise red flags too.

How does the app load malicious code after installation? What unpatched exploit? Do they not check uploads when running? Why doesn't iOS have this issue?

>installing apps
>smartphones

My Nokia 3310 does not have this issue. Kys.

Have you used an Android phone? Apps request permissions on install, and you have to fucking approve it. If you're a retard and just click accept you deserve this.

I was unaware that uploading data to the cloud was considered an exploit when you click the Accept button. Tell me more.

Android doesn't have on-demand permission prompts like iOS?

Ohh boye, I can't wait.
My friends will love all the loli and lamia-centaur porn they will be getting straight from my chrome history :^)

Retard

Rather than making the poor design choice of prompting you for every permission individually it shows you all permissions it needs to function, because Android users typically aren't babbies that need to be told how to handle technology. Normies can rot, who cares?

Why isn't it asking you if you wish to upload your shit to the cloud nigga?

Just upgraded to Lineage with fdroid.
Would be nice to have an entire libre phone with replicant but the newest shit they have is only for the S3.

>have no pics of myself on my phone
>don't use the browser for porn or any type of shit
oh wow I'm scared

All these fucking dumbass normies on the board. This is why iOS exists, for tech illiterates like you.

>friends

Jokes on them, I'm a Sup Forums user.

your current sub-standard-looking gf will love all those juicy messages you sent to Stacy then

Wouldn't you like to know *when* and *why* it's using those permissions? You click one button at install and suddenly it has free reign to use those permissions at any time without even letting you know about it or any explanation at all.

They are fucking idiots, imagine the kind of dosh they would have made if they masqueraded as legit studio, released one of those games babies and retarded kids download onto billions of their parents phones, then sent the code.

So practically any app you have on your phone including the stock rom, with any kind of internet access can receive and load such code without your knowledge.

>But if you are hit by the ransomware and are worried about your sexy selfies and photographs being leaked to your friends and relatives, you might be thinking of paying a ransom.
>Do not pay the Ransom! Doing so motivates cyber criminals to carry out similar attacks, and there is also no guarantee that the stolen information will be deleted by the hackers from their server and will not be used to blackmail victims again.

topkek

they will pay

also who installs wallpaper apps and grants them permission to take selfies. I can understand allowing them to access files and storage. But again people are fucking stupid so a lot probably did.

I personally don't give a fuck cause the only apps I use are for work (9mail) and messaging my friends. I also have deep packet inspection, IPS, and AV running on my gateway. This shit has absolutely no affect in me.

>photos, media and files and storage are seen as one thing
very vague and can be exploited.

>letting you know when an app is taking pictures of you and recording your voice through your front-facing camera and microphone is a "poor design choice"

You truly are a Google user.

>getting baited by the false-flag iOS user

Ok.

Please at least try and look this shit up, of course Android has permission prompts. You could have found the answer quicker than you found the stupid picture you uploaded.

Those normies deserve it for downloading garbage bloatware apps on their phone

>tfw you don't browse porn on your phone, take nude photos of yourself, or have any contacts

I don't think my body pillow will care

I, for one, am looking forward to the surge of amateur pornography available on the internet from ransomware like this

Cool. Phones are cancer unless hardwired in somewhere..

I once video taped myself masturbating using my phone. It was the most un-erotic, boring thing I've ever had the displeasure of watching. I actually felt sorry for my phone's camera for having to witness the sad act.

NOTHING TO HIDE NOTHING TO FEAR

>none of this affects me aside from maybe my reaction image folder
Get fucked.

>literal malware on Play Store that has thousands of downloads
You can (not) make this shit up

My private pics are encrypted (thank you LG for providing native gallery encryption)
My history deletes itself after I close the browser
Git gud

Yeah, but I bet you weren't a cute girl

>tfw I had Wallpapers Blur HD on my Android before switching to iOS 7 months ago
They had good papes tho.

>Installing a google app that has access to your camera and microphone

You truly are a normie.

And neither are the other 2,000,000,000 android users. We're all stuck in this 3DPD meatscape. It's a wretched hell, the only escape from which is the brilliantly shining 2D world that we view through computers.

>mom will find the cuck porn collection

>All Your Friends

You do realize where you are?

You're both right and both wrong

Android apps handle permissions one of two ways

1) If they're written for Android 6.0 onwards, it's the same way as iOS - prompt when needed

2) If they're written using an older API, it gives you a list when you install the app, and installing it indicates that you accept all the permissions it asks for.

Sauce: developer.android.com/training/permissions/requesting.html

I'd imagine the malware probably uses method 2, which is like a EULA in that almost no fucker reads them, they just want to click through to the app they just installed.

But because Android is fragmented to fuck, they can't force API 23 on everyone.

Damn, I used Wallpapers Blur HD a few years ago.

Yeah, it's a consequence of having an actual filesystem.

Just listen to the fucking app name, "wallpapers hd blur". Who the fuck installs shit like this? Get off Sup Forums.

Using a firewall and xprivacy can help avoiding this problem.
doesn't stock android have app permissions?
did users allow wallpaper app to access contacts?

So you are saying if I have dick pics on my phone they will get sent to all the women I've met over the years against my will. Thereby, providing a perfectly reasonable legal defense if any of the more sjw types consider it some form of rape or indecent exposure? Thus allowing me an avenue to explore my exhibitionist side?
Oh man that sucks, at least they already removed the 2 apps mentioned. But there are still so many apps out there! I mean which one could possibly have still the virus? Plz let me know if you find another 1 so I can make sure to steer clear of it.

here.
m.apkpure.com/booster-cleaner-pro/com.cropyapps.boostercleanerpro
m.apkpure.com/wallpapers-hd-blur-pro/com.wallpapersnew2017.blurhdpro

>Worry for a moment
>Then realize i dont care who sees my dick girl porn
>then realize I switched to apple over a year ago

Feels good man ;)

Can it access your private browsing history? Otherwise the worst thing that they would get from me is just a bunch of racist memes.

Why haven't they been taken down yet?

>phone filled with gay porn
>Apple user
Shocking!

>friends

so you are immune if you dont have anyone on the contact list?

>bogus apps on app store
>using playstore
>not using f-droid
you already fucked up

F-Droid only has a fraction of a fraction of apps the Play Store has.

Proper sandboxing > muh filesystem

>no Pinterest client

Boo!

what happens if you don't have any pictures or friends and also run copperhead os which i am beginning to suspect has a lot to do with the aforementioned things

People jailbreak it and leave themselves vulnerable.

Excellent, let's weed out retards. There's this saying that given the choice between dancing pigs and security, the user picks dancing pigs every time, and every shitty malware like this had potential to make it no longer true.

>soccermom app
back to FB

they are all signed and 100% foss though
>he uses his phone as a glorified pc instead of a phone utility
>he doesnt use his dedicated linux laptop and instead is a normie who only uses his phone for everything

>they actually use google services and framework

why are you two even here?
just go buy apple hardware

>using the smiley with a carat nose

>private pics
I only keep memes tho

Is there literally anything wrong with using Pinterest? (:

thankfully i dont have any friends, so no issues there

Yeah, I'm sure missing quality apps Booster & Cleaner Pro and Wallpapers Blur HD

Smartphones are practically touchscreen pocket PCs. I definitely use them that way more than I use the phone functionality.

Including phoneposting. :^)

What if it sends all that data to your mom?

she knows that im a pedo, i told her already. nothing will happen.

This is delightfully evil.

How did your mom react?

Why would you tell your mom your fetishes? How does that even come up?

she was really depressed at that time and crying and had like a panic attack and shit, she was feeling that life is really bad for her blabla, so i just said something along these lines:

"You think life if shit for you? Well I am a pedo and it is just so much worse for me. I have to live with this shit every moment of my life, and I know that I will never have anyone whom I love and who loves me back. So just shut the fuck up and pull your shit together"

she thanked me for sharing my secret with her and apparently my tactics have worked, she is much better now.

Jesus christ, user.

Interesting. Ballsy move, user, I'm glad it paid off.

>Needing to take all these precautions to use Android

The only precaution you need is to not click on dubious pop ups. Absolutely nothing can happen to you if you just deny the service.

Even with a proper filesystem you should be able to separate a photo album and every other file/documents.

>the infected apps we're downloaded from the play store

Blame google

Oh no!!! My cuck porn. TAKE MY MONEY

I don't have any friends so I'm safe.

>downloading random apps from the store
>downloading a fucking cleaner/booster(performances?)/wallpaper app
>not checking permissions
They honestly deserved to be ransom'd

I have no friends and my mom already knows I have multiple bodypillows, this wouldn't effect me.

>we're downloaded
Blame yourself.

Jokes on them.
I just got a new phone and there's jack shit on it worth sending

>anything other than fdroid
lmao its like you are saying "put handcuffs on me please, i'm a little nigger cattle"

please be bait. please don't actually be this retarded.

Good thing I haven't used Android in years

Aha! I have no contacts on my phone, good luck leakerlocker.

iOS has always had an actual file system.

no friends, no problems baka

>The sole purpose of my $600 utm device is to stop Android malware

kys

> pics of my asshole and pics of a dozens of mens dicks
good luck with that

If I download this and I don't install it, will I still get infected with AIDS?

>TFW humiliation fetish
>TFW you just installed both of these
Just