LeakerLocker, which was reportedly available for download in the Google Play app store, targets Android users. Unlike typical ransomware, LeakerLocker does not encrypt a user’s files. Instead, the ransomware claims to copy data on the device — such as emails, Facebook messages, location history, photos and web history — which it threatens to send to a user’s phone and email contacts unless they pay $50.
Two apps found in the Google Play store reportedly contained this ransomware. In total, the apps have been downloaded between 6,000 and 15,000 times since at least April. LeakerLocker requests access to a range of functions after installation, including access to contacts and ability to read messages. However, an analysis of the malware indicated it cannot access as much private data as it claims.
“Analysis of the code shows it’s capable of at least accessing an email address, some contact information, Chrome browser history, text messages and calls, and photos from the camera,” according to ZDNet. “Snippets of this data are chosen at random to convince the victim that all their data has been copied.”
McAfee researchers, who first discovered LeakerLocker, reported the ransomware to Google. The two apps have since been removed from the Google Play store. Google did not immediately return ZDNet‘s request for comment.
More articles on health IT:
Bloomberg: Kaspersky Lab tied to Russian government
3 Florida ACOs tap eClinicalWorks for population health management
Norwegian academic, healthcare institutions partner for blockchain research network
