Common Android ransomware spreads to Japan

News by Greg Masters

Already a scourge in the West, Android.Lockdroid ransomware has expanded its base to target Japan.

Already a scourge in the West, Android.Lockdroid ransomware has expanded its base to include Japan, according to a Thursday post by Symantec.

The malware is traditionally delivered from adult sites after a user clicks on a link, sometimes an ad. It has also posed as a system update and as a porn video app, which users attempt to download.

Once it has gained access to C&C servers, it uploads device information to determine the device's language and can then customise its ransom message to the appropriate language.

It is the first time that Symantec has detected mobile ransomware for Western users in any Asian language.

Whether the message is delivered to the US, Europe or Japan, victims are duped into believing that authorities have locked their device because the user has viewed or downloaded porn. The warning demands the user pay a fine, around $100 (£70), to unlock the device.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Webcasts and interviews 

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop