Living in the era of the Internet has its advantages and disadvantages: distances become meaningless, sharing ideas and facts is easy, and you will always be able to find tons of material on your subjects of interest. But how sure can you be that your private information stays private?
Unfortunately, there is no magical formula that makes your personal data impervious to hackers. Each day, thousands of pieces of malware are uncovered and destroyed. But, like the mythical Hydra, if you destroy one piece of malicious code, many more will take its place.
Recently, Google identified a very dangerous piece of malware masquerading as a legitimate application. The code was so well hidden that even the most trained eye would have had difficulty identifying it.
Cyber security experts declared that the new ransomware identified and removed by Google was cleverly embedded in a battery-saving application called Energy Rescue. These types of applications can easily be found on Google Play.
Their purpose is to identify battery-consuming applications and to shut them down in order to extend the battery’s life. However, this new app identified by Google was a cover-up for something more menacing – a ransomware that could strip the mobile device of your personal data.
According to Google, after the user installed the application, a message would appear on the user’s screen saying something like “your phone has been taken over by a hostile force” and that all personal information had been downloaded and stored on a malware server.
The message also informs the user that if he does not comply with the terms, his personal data, which includes contacts, social media info, bank accounts, and passwords, will be sold byte by byte on the underground market at an interval of 30 minutes.
In order to get his data back and to unblock the device, the user must pay 0.2 bitcoins (approximately $180). And to make matters even worse, the user has the personal guarantee of the criminal that his or her data will be given back upon payment.
The team that identified the malware said that its creators are probably from Russia, Belarus, or Ukraine, since the malware becomes inert when it detects those countries.
Luckily, Google managed to delete the bogus application infected with the malware in time. The company said that the application came under scrutiny when several experts reported that the app requested more permissions than necessary.