Mobile Malware? LeakerLocker is Ransomware for your Phone

LeakerLocker is a ransomware, but not like the ones you’ve seen recently. It’s meant for Android phones and comes piggybacked to seemingly legitimate apps you can download from Google Play. Read to find out how you can avoid this mobile malware.

By now, you’ve probably read more than a few blog posts about ransomware. Hopefully, you’ve taken the advice from each one, and updated your computers, and installed antivirus, and taken a more serious stance against cyber crime. But what about your phone? It’s possible that as we try and build and maintain cyber security for our computers and networks, our phones sometimes can be forgotten.

Just like the 14 million Verizon customers who could have lost their personal data to the internet recently, a new ransomware called LeakerLocker is threatening to release personal information from infected phones to the public. Unlike other ransomware, instead of using encryption to hold information hostage, it simply creates a backup of the data stored on the phone and uses that as leverage for the ransom.

LeakerLocker is a ransomware-type malware, that so far has been found to be included in a few different apps available for download on the Google Play Store. Each works normally according to their supposed app functions, but undetected to the user, install the ransomware on the phone. The way that it works is that the user grants permissions to the app to access information, while also granting access to this same information for the malware. Here are the two apps to look out for:

Wallpapers Blur HD is simply a wallpaper app, with a variety of images to choose from to set as your phone screen. You can set your wallpaper to change daily, and new images are updated. The app is rated 3.6 stars, and has been downloaded more than 5,000 times. If you look in the comments, you will notice how many are confused at why a simple wallpaper app requires so many permissions. My advice? Take a picture instead.

The second app is a different type of app, called Booster & Cleaner Pro, is an optimization and memory booster app. It has been downloaded between 1,000 and 5,000 times, with a 4.5-star rating on the Google Play store. Though it can perform its purpose, you shouldn’t trust every review you read. Due to its nature as a cleaner app, one might be more inclined to give it permissions to access information stored on the phone. It uses the LeakerLocker ransomware to create a backup of the files accessed. Instead of using this to clean up your phone, delete a few pictures, clear your caches, and voila! You have more available memory.

As shown, the ransom for your data is $50. It doesn’t seem like much, but the damage done could be worse than you think. As shown above, the information is sent to all your contacts, phone and email. Though you may not be worried about Facebook password getting sent to your mom, your banking app login info could be sent to the sender of that spam email you received yesterday. Regardless of who or what gets sent out, the results could be devastating.

Prevention is easier than mitigation in most cases, especially in this one. First, do not download these two apps, or any other app that you do not trust. Anyways, do you really need a wallpaper app? Second, before downloading apps, research them a little more. What do the reviews say? Is it new, and regularly updated? Third, and perhaps most importantly, don’t allow anything and everything the permissions they ask for. Often, an app can still function without many of the permissions it asks for. Think twice, and save your phone, your wallet, and your personal data.