Crooks have developed a strain of Android ransomware that threatens to expose a user's browsing history.

Lockdroid ransomware uses clickjacking techniques to display popups in order to confuse users into letting the malicious code gain admin privileges on their targeted devices reports The Register. About two out of three users of devices that run versions earlier than Android 5.0 are left at risk.

The malware encrypts files before it demands a ransom. A fake message that supposedly came from the US Department of Justice says that the mobile device has been locked after visiting websites with distasteful content, however it can be unlocked once a ransom is paid. Lockdroid will also take a user's browser history and contact list prior to making threats to expose the victim's potentially embarrassing browser history and forwarding it to their contacts.

"The malicious app is not found on Google Play and may be downloaded from third-party app stores, forums, or torrent sites," Symantec researchers said. "Users who have Google Play installed are protected from this app by Verify Apps even when downloading it outside of Google Play."