FLocker malware was once found targeting Android smartphones but its new variant is even locking up Android Smart TV!
Researchers have exposed sophisticated ransomware scams targeting Android-based devices such as smartphones and smart TV. Yes, you read that right. IT security researchers at Trend Micro have found Frantic Locker or FLocker malware targeting Android devices since 2015 but its latest variant (ANDROIDOS_FLOCKER.A) has been targeting Smart TV by locking it up.
Since its discovery last year, the malware has over 7,000 variants while in April the researchers found more 1,200 variants targeting users worldwide, yet, the malware has been developed with such unique settings that upon targeting it scans for users’ location and if it finds out the target is located in Eastern European countries the malware quits the attack and does not lock the targeted device.
Countries who are not under threat are Armenia, Azerbaijan, Belarus, Bulgaria, Georgia, Hungary, Kazakhstan, Russia and Ukraine. However, if users in aforementioned countries are infected the malware waits for half and hour, freezes the screen of targeted device, shows a message about fake system update and quits its operation.
The FLocker malware displays ransom demand note message after locking the screen of targeted device claiming to be a part of US Cyber Police or another law enforcement agency. The demand note asks users to $200 USD worth of iTunes gift cards in order to unlock their device. It repeats the same patron on smart TV.
Though it is unclear how the cyber criminals are targeting smart TV, when it comes to Android smartphone the researchers have warned not to click malicious links they receive in text messages.
If your smart TV has been infected with this ransomware, Trend Micro suggest contacting the vendor or try removing the malware yourself by enabling ADB debugging.
“If an Android TV gets infected, we suggest that the user contacts the device vendor for solution at first. Another way of removing the malware is possible if the user can enable ADB debugging,” Trend Micro explains.
“Users can connect their device with a PC and launch the ADB shell and execute the command ‘PM clear %pkg%’. This kills the ransomware process and unlocks the screen. Users can then deactivate the device admin privilege granted to the application and uninstall the app.”
If you are using Android smartphone or Smart TV make sure not to visit malicious website and NEVER click links you receive in text messages from unknown senders! Keep yourself away from such threats.