LeakerLocker is a form of Android ransomware that threatens to send all your private information, data and web history to all of your contacts and demands $50 from you if you don’t want it expose you to the public.
This ransomware is called LeakerLocker, and it was found in the Google Play Store. It works in a different and weird way because unlike other ransomware, it does not encrypt its victims’ files. Rather, it makes a backup of victims’ data stored on the device. Then the developers of the malware demand $50 in exchange for not leaking your personal info to your phone and email contacts. Some of your personal info at risk includes your web history, emails, location history and more.
The LeakerLocker Malware was found in two apps in the Google Play Store. These are Wallpaper Blur HD, which has been downloaded up to 10,000 times by Android users, and Booster & Cleaner Pro, which has been downloaded up to 5,000 times as well. So this simply means that at the moment, about 15,000 people have already fallen victim to this malware, which has been in the Google Play Store since April this year.
Imagine the apps even had good reviews on playsStore; developers has manipulated fake reviews of the apps to deceive people who want to download.
HOW LEAKERLOCKER WORKS
Once you download any of these vulnerable apps, LeakerLocker asks for a large number of permissions, including the ability to manage calls, read and send text messages, and access contacts. After you grant it access, the malware communicates with a receiver, thus initiating the malicious activity and locking the Home screen of the device with an extortion threat. Analysis of the malware code shows that it is capable of accessing an email address, some contact information, Chrome browser history, text messages and calls, and photos from the camera.
HOW PAYMENT IS MADE
LeakerLocker demands the ransom via credit card. Researchers have advised victims not to pay up, because there’s no guarantee that the information will be released or will not be used to get at them again.
McAfee researchers have reported the malware to Google, and the offending apps have been removed from the Google Play Store.