>After WannaCry and Petya ransomware outbreaks, a scary (but rather creative) new strain of ransomware is spreading via bogus apps on the Google Play Store, this time targeting Android mobile users.
>Dubbed LeakerLocker, the Android ransomware does not encrypt files on victim's device, unlike traditional ransomware, rather it secretly collects personal images, messages and browsing history and threatens to share it to their contacts if they don't pay $50 (£38).
>Researchers at security firm McAfee spotted the LeakerLocker ransomware in at least two apps — Booster & Cleaner Pro and Wallpapers Blur HD — in the Google Play Store, both of which have thousands of downloads.
>To evade detection of malicious functionality, the apps initially don’t contain any malicious payload and typical function like legitimate apps.
>But once installed by users, the apps load malicious code from its command-and-control server, which instructs them to collect a vast number of sensitive data from the victim's phone — thanks to its victims granting unnecessary permissions blindly during installation.
>The LeakerLocker ransomware then locks the home screen and displays a message that contains details of the data it claims to have stolen and holds instructions on how to pay the ransom to ensure the information is deleted.
>Google Play Store F-Droid doesn't have this problem.
Oliver Parker
And I thought Google used AI to scan the code of Apps before they allow it on their store?
Jose Jenkins
>download some random app for teh lulz You deserve this shit
Christopher Powell
Did you even fucking read it? Kill yourself dipshit
David Sanders
Any app that is allowed to access this information should raise red flags. Even if the code is injected to gather it later on. There’s still a function that allows for code injection, which should raise red flags too.
Parker Hill
How does the app load malicious code after installation? What unpatched exploit? Do they not check uploads when running? Why doesn't iOS have this issue?
Robert Scott
>installing apps >smartphones
My Nokia 3310 does not have this issue. Kys.
Parker Rivera
Have you used an Android phone? Apps request permissions on install, and you have to fucking approve it. If you're a retard and just click accept you deserve this.
I was unaware that uploading data to the cloud was considered an exploit when you click the Accept button. Tell me more.
Gabriel Barnes
Android doesn't have on-demand permission prompts like iOS?
Colton Sanchez
Ohh boye, I can't wait. My friends will love all the loli and lamia-centaur porn they will be getting straight from my chrome history :^)
Andrew Hernandez
Retard
William Evans
Rather than making the poor design choice of prompting you for every permission individually it shows you all permissions it needs to function, because Android users typically aren't babbies that need to be told how to handle technology. Normies can rot, who cares?
Ayden Powell
Why isn't it asking you if you wish to upload your shit to the cloud nigga?
Isaiah Brown
Just upgraded to Lineage with fdroid. Would be nice to have an entire libre phone with replicant but the newest shit they have is only for the S3.
Asher Fisher
>have no pics of myself on my phone >don't use the browser for porn or any type of shit oh wow I'm scared
Carson Cox
All these fucking dumbass normies on the board. This is why iOS exists, for tech illiterates like you.
Adam Baker
>friends
Jokes on them, I'm a Sup Forums user.
Gabriel Ward
your current sub-standard-looking gf will love all those juicy messages you sent to Stacy then
Cameron Wood
Wouldn't you like to know *when* and *why* it's using those permissions? You click one button at install and suddenly it has free reign to use those permissions at any time without even letting you know about it or any explanation at all.
Jason Green
They are fucking idiots, imagine the kind of dosh they would have made if they masqueraded as legit studio, released one of those games babies and retarded kids download onto billions of their parents phones, then sent the code.
So practically any app you have on your phone including the stock rom, with any kind of internet access can receive and load such code without your knowledge.
Julian Roberts
>But if you are hit by the ransomware and are worried about your sexy selfies and photographs being leaked to your friends and relatives, you might be thinking of paying a ransom. >Do not pay the Ransom! Doing so motivates cyber criminals to carry out similar attacks, and there is also no guarantee that the stolen information will be deleted by the hackers from their server and will not be used to blackmail victims again.
topkek
they will pay
also who installs wallpaper apps and grants them permission to take selfies. I can understand allowing them to access files and storage. But again people are fucking stupid so a lot probably did.
Luke Lewis
I personally don't give a fuck cause the only apps I use are for work (9mail) and messaging my friends. I also have deep packet inspection, IPS, and AV running on my gateway. This shit has absolutely no affect in me.
Ryan Lee
>photos, media and files and storage are seen as one thing very vague and can be exploited.
Xavier Thompson
>letting you know when an app is taking pictures of you and recording your voice through your front-facing camera and microphone is a "poor design choice"
You truly are a Google user.
Oliver Nelson
>getting baited by the false-flag iOS user
Ok.
Luke Jenkins
Please at least try and look this shit up, of course Android has permission prompts. You could have found the answer quicker than you found the stupid picture you uploaded.
Jordan Gutierrez
Those normies deserve it for downloading garbage bloatware apps on their phone
Carter Johnson
>tfw you don't browse porn on your phone, take nude photos of yourself, or have any contacts
Hudson Richardson
I don't think my body pillow will care
Tyler Smith
I, for one, am looking forward to the surge of amateur pornography available on the internet from ransomware like this
John Rodriguez
Cool. Phones are cancer unless hardwired in somewhere..
Sebastian Butler
I once video taped myself masturbating using my phone. It was the most un-erotic, boring thing I've ever had the displeasure of watching. I actually felt sorry for my phone's camera for having to witness the sad act.
Leo Harris
NOTHING TO HIDE NOTHING TO FEAR
James Reyes
>none of this affects me aside from maybe my reaction image folder Get fucked.
Dylan Taylor
>literal malware on Play Store that has thousands of downloads You can (not) make this shit up
Caleb Foster
My private pics are encrypted (thank you LG for providing native gallery encryption) My history deletes itself after I close the browser Git gud
Juan Carter
Yeah, but I bet you weren't a cute girl
Joseph Cook
>tfw I had Wallpapers Blur HD on my Android before switching to iOS 7 months ago They had good papes tho.
Jackson King
>Installing a google app that has access to your camera and microphone
You truly are a normie.
Oliver Scott
And neither are the other 2,000,000,000 android users. We're all stuck in this 3DPD meatscape. It's a wretched hell, the only escape from which is the brilliantly shining 2D world that we view through computers.
Eli Flores
>mom will find the cuck porn collection
Christian Peterson
>All Your Friends
You do realize where you are?
Adrian Lewis
You're both right and both wrong
Android apps handle permissions one of two ways
1) If they're written for Android 6.0 onwards, it's the same way as iOS - prompt when needed
2) If they're written using an older API, it gives you a list when you install the app, and installing it indicates that you accept all the permissions it asks for.
I'd imagine the malware probably uses method 2, which is like a EULA in that almost no fucker reads them, they just want to click through to the app they just installed.
But because Android is fragmented to fuck, they can't force API 23 on everyone.
Wyatt Martin
Damn, I used Wallpapers Blur HD a few years ago.
Joshua Phillips
Yeah, it's a consequence of having an actual filesystem.
Bentley Hernandez
Just listen to the fucking app name, "wallpapers hd blur". Who the fuck installs shit like this? Get off Sup Forums.
Hunter Moore
Using a firewall and xprivacy can help avoiding this problem. doesn't stock android have app permissions? did users allow wallpaper app to access contacts?
Eli Williams
So you are saying if I have dick pics on my phone they will get sent to all the women I've met over the years against my will. Thereby, providing a perfectly reasonable legal defense if any of the more sjw types consider it some form of rape or indecent exposure? Thus allowing me an avenue to explore my exhibitionist side? Oh man that sucks, at least they already removed the 2 apps mentioned. But there are still so many apps out there! I mean which one could possibly have still the virus? Plz let me know if you find another 1 so I can make sure to steer clear of it.
>Worry for a moment >Then realize i dont care who sees my dick girl porn >then realize I switched to apple over a year ago
Feels good man ;)
Easton Powell
Can it access your private browsing history? Otherwise the worst thing that they would get from me is just a bunch of racist memes.
Xavier Ross
Why haven't they been taken down yet?
Zachary Parker
>phone filled with gay porn >Apple user Shocking!
John Ramirez
>friends
Lucas Smith
so you are immune if you dont have anyone on the contact list?
James Collins
>bogus apps on app store >using playstore >not using f-droid you already fucked up
Dominic Foster
F-Droid only has a fraction of a fraction of apps the Play Store has.
Joseph Reed
Proper sandboxing > muh filesystem
Jaxon Sullivan
>no Pinterest client
Boo!
Nolan Kelly
what happens if you don't have any pictures or friends and also run copperhead os which i am beginning to suspect has a lot to do with the aforementioned things
Caleb Smith
People jailbreak it and leave themselves vulnerable.
Brandon Lee
Excellent, let's weed out retards. There's this saying that given the choice between dancing pigs and security, the user picks dancing pigs every time, and every shitty malware like this had potential to make it no longer true.
Nicholas Kelly
>soccermom app back to FB
they are all signed and 100% foss though >he uses his phone as a glorified pc instead of a phone utility >he doesnt use his dedicated linux laptop and instead is a normie who only uses his phone for everything
>they actually use google services and framework
why are you two even here? just go buy apple hardware
Noah Garcia
>using the smiley with a carat nose
Leo Morris
>private pics I only keep memes tho
James Phillips
Is there literally anything wrong with using Pinterest? (:
Oliver Lewis
thankfully i dont have any friends, so no issues there
Parker Anderson
Yeah, I'm sure missing quality apps Booster & Cleaner Pro and Wallpapers Blur HD
Blake Williams
Smartphones are practically touchscreen pocket PCs. I definitely use them that way more than I use the phone functionality.
Including phoneposting. :^)
Austin Hall
What if it sends all that data to your mom?
Matthew Jenkins
she knows that im a pedo, i told her already. nothing will happen.
Nathaniel Powell
This is delightfully evil.
Levi Rivera
How did your mom react?
Adrian Hall
Why would you tell your mom your fetishes? How does that even come up?
Luis Cox
she was really depressed at that time and crying and had like a panic attack and shit, she was feeling that life is really bad for her blabla, so i just said something along these lines:
"You think life if shit for you? Well I am a pedo and it is just so much worse for me. I have to live with this shit every moment of my life, and I know that I will never have anyone whom I love and who loves me back. So just shut the fuck up and pull your shit together"
she thanked me for sharing my secret with her and apparently my tactics have worked, she is much better now.
Nathan Wilson
Jesus christ, user.
Jacob Russell
Interesting. Ballsy move, user, I'm glad it paid off.
Robert Richardson
>Needing to take all these precautions to use Android
Xavier Hill
The only precaution you need is to not click on dubious pop ups. Absolutely nothing can happen to you if you just deny the service.
Zachary Murphy
Even with a proper filesystem you should be able to separate a photo album and every other file/documents.
Brody Thomas
>the infected apps we're downloaded from the play store
Blame google
Leo Gray
Oh no!!! My cuck porn. TAKE MY MONEY
Xavier Cooper
I don't have any friends so I'm safe.
Carson Rodriguez
>downloading random apps from the store >downloading a fucking cleaner/booster(performances?)/wallpaper app >not checking permissions They honestly deserved to be ransom'd
Liam Stewart
I have no friends and my mom already knows I have multiple bodypillows, this wouldn't effect me.
Owen Sanchez
>we're downloaded Blame yourself.
William Bailey
Jokes on them. I just got a new phone and there's jack shit on it worth sending
Matthew Wood
>anything other than fdroid lmao its like you are saying "put handcuffs on me please, i'm a little nigger cattle"
Jeremiah Morris
please be bait. please don't actually be this retarded.
Xavier Phillips
Good thing I haven't used Android in years
Jacob Ross
Aha! I have no contacts on my phone, good luck leakerlocker.
Austin Bell
iOS has always had an actual file system.
Jackson Rogers
no friends, no problems baka
David Lopez
>The sole purpose of my $600 utm device is to stop Android malware
kys
Leo Thompson
> pics of my asshole and pics of a dozens of mens dicks good luck with that
Parker Bennett
If I download this and I don't install it, will I still get infected with AIDS?
Robert King
>TFW humiliation fetish >TFW you just installed both of these Just
