Android Simplelocker Ransomware Encrypts SD Card Files

A security firm says it has found the first confirmed case of ransomware that encrypts files held by Android devices.

Eset reports that the Trojan - called Simplelocker - targets SD cards slotted into tablets and handsets, electronically scrambling certain types of files on them before demanding cash to decrypt the data.

The message is in Russian, and payment is requested in Ukrainian currency.

One expert said the threat was noteworthy, but limited at this stage.

"File-encrypting malware has proved to be a lucrative criminal enterprise so it is unsurprising that Android has become a new target," said Dr Steven Murdoch, of the University of Cambridge's Computer Laboratory.

"Smartphone users should be very cautious of installing software from sources other than the operating system-provided application store, and should pressure their phone supplier to promptly provide security updates to defend against known vulnerabilities."

Infected devices bring up this Russian-language warning

He noted that networks often lagged or failed altogether to provide Google's security patches for older Android handsets.

(BBC)