Ransomware Attack Hits Thousands of U.S. Android Users
CRN, By Rob Westervelt
A ransomware campaign tied to a network of malicious porn sites
has successfully impacted at least 2,000 Android users in the U.S. and users in
30 countries, attempting to extort a fee to unlock devices.
The attack campaign redirects visitors from a network of porn
sites to an attack webpage containing an Android package that must be installed
by the user. Once the victim installs the package, the victim's screen is
locked by the Koler malware, which displays a phony message from law
enforcement demanding up to a $300 fine to unlock the device, according to
Kaspersky Lab, which issued a report Monday analyzing the campaign.
The distribution network of malicious porn sites and number of
different payloads to target both mobile device owners and PC users
demonstrates the growing sophistication and organization behind financially
motivated attack campaigns, Kaspersky Lab said. The browser-based ransomware
connected to the campaign appears to be tied to a popular exploit kit driven by
a distribution network, believed to be based in Russia, Kaspersky Lab said. Read more.