Since October 2014, security companies have followed and tried to fight against a new viruses, insidious computer that has spread at an alarming rate, especially in the United States.
Known as Koler virus, worm Trojan ransomware was questionable enemy for security companies to contain. Due to its lock screen capability and ability to access Android information of the mobile device of an individual, the virus Koler is a frustrating and highly contagious variant of malware.
However, education and implementation of prudent security measures on an Android device can fight against this new form of malware.
What Is Ransomware?
True to its namesake, a ransomware virus freezes the computer of an individual and requires a ransom before returning it to operation. In almost all cases, ransomware takes the form of a persistent window that hinders the ability of an individual to navigate their device, be it a computer or a phone. Since individuals can not navigate their devices, they can not disable the malware via an application manager - or any other method. Not until a ransom is paid.
Ransomware is not a new phenomenon. Unfortunately, the effectiveness of ransomware makes popular among scammers, and an increasing number of people are victims of these pay ransoms. Generally, persistent window that captures the computer takes the appearance of a legitimate organization, such as the application of local law, giving the individual a concern.
Most often, and in the case of Koler virus, individuals are "fine" for illegal content viewing. To lift the indictment, the person must pay the "fine" before the normal operation of the computer is restored. This "opportunity charge" of course, is the crux of this scam.
The appearance of the worm Koler Android SMS
In October 2014, malware researchers began to notice the Android Koler SMS worm variant of ransomware Trojan typical. Like most ransomware, the virus locks the screen Koler with incessant window under the cover of a legitimate message application of local law. Distributed by porn (and other illicit) sites by clicking on seemingly normal applications, the virus Koler accuses the user to view child pornography, and the message asks the individual to pay their "fine" using a MoneyPak prepaid card.
So far, the researchers found that the virus Koler has the ability to mimic the local police in 30 countries. In the United States, the virus Koler impersonates the FBI. Although such a ransomware is disruptive nature of the virus has been localized to a single device, and historically only distributed through clicking on a fake online application.
In addition, ransomware was generally limited to the PC world and is a relative newcomer to mobile devices. This is due in part to restrictions of files in mobile operating systems, which limits the ability of applications to control the entire system. However, the Android Koler virus has learned to access the entire system, including all media and contacts in the address book of the compromised device. In other words, the Koler virus is a variant of ransomware with the ability to self-propagate through the address books of infected device.
Opening a Can of Worms SMS
Unfortunately, Koler virus's ability to access a Android system set includes contacts and SMS messages, it allows self -propagation contacts of an infected user in the form of SMS messages. Contacts receive a bit.ly URL shortcut to a location with a Dropbox app "PhotoViewer"
The application package file is called IMG_7821.apk -. This is what makes the virus Koler a worm and a new variant of ransomware. If the user downloads the application unsuspecting, persistent screen appears with the application message of the false law, demanding $ 300 ransom for illegal content viewing.
The Infectious Nature Koler virus
Of the 30 countries infected Koler worm virus, the United States accounts for three quarters of infected devices, and much of infected Android devices were followed throughout the Middle East. In addition, malware Koler was followed on many telephone carriers United States. Nature is rapidly spreading virus is due to a major component of its mechanism -. Its ability to access all the contacts of a compromise device and send an SMS message, at some point, to all contacts in the address book
The SMS message says "Someone Profile named - [the contact’s name] - and he uploaded some of your photos is that you "Obviously unsuspecting victims in the address book are more confident of a message sent by a friend, family member or acquaintance? . Although a typical person may be wary of downloading applications from a seedy porn site, he or she may not think twice to respond to a seemingly harmless message.
How to protect your Android device
First things first: If users suspect their Android devices were infected, they should never pay the ransom. Ransom certainly does not guarantee that the device will be restored to normal operation. It also encourages the cyber crime and perpetuates these types of scams.
Although Koler virus is insidious in its ability to spread, it does not encrypt the files, which means it is relatively simple to remove a mobile device. Indeed, the Koler virus can be eliminated by following two basic steps. First, a user must restart the phone into safe mode. Once the device is in safe mode, the user can remove the infection app "PhotoViewer" using the standard Android uninstall feature.
Users can also define their Android security settings to completely remove the risk of infection. By simply turning off the "Unknown sources" in the security settings menu, users will not be able to install applications from unknown sources. They have to download apps from the official Google Play store found on Android devices.
Currently, mobile security companies work with law enforcement, Dropbox and bit.ly to eradicate Koler worm virus. Although his ability to access contacts in Android devices and delivery mechanism are both alarming, the virus can be contained through education and the implementation of effective safety measures. Android users are encouraged to remain vigilant and think twice about clicking on suspicious links in text messages they receive.
0 Komentar