Android’s ecosystem has been one of the favorite targets by a cybercriminal. As billions of Android phones are used all over the world, cybercriminals find it easy to attack people through their Android mobiles. Some of the most popular Android ransomwares are the following:
Lockdroid has posed as a reliable looking ransomware by using Google’s Material Design. The app disguises itself as an update of Google, enticing users to install it by showing a screen filled with permissions by which attackers can access your entire mobile. Users click on the app to install without reading the permissions and allow the ransomware authorization to infect the computer.
Afterwards, the ransomware manages to control the complete phone including texts, call logs and browser information. The ransomware then poses as a security agency and users are shown a warning that warns them about an illegal activity that they have committed and the payment of a fine as penalty. Users then pay the fine to remove ransomware.
Adult Player tries to cash on the psychology of its victims by posing as a porn video player. It then proceeds to show videos to users and completely deceives them into thinking of it as a real app. As the user watches videos, the app takes snaps of its victims through the front camera.
Users are then threatened with the leak of these pictures to public in return of money (ransom). Adult Player then manages to completely lock the device. The ransom demanded is generally $400-600 and the payment medium required is PayPal. Many people pay ransom in order to save their reputation and remove ransomware.
Simplocker was the first Android ransomware and its origins trace to Russia. It was first discovered by ransomware removal experts in 2014. The ransomware employs the use of the popular AES (Advanced Encryption Standard) for encrypting the files of their victims. Users are fooled into thinking that they have been caught by a security agency breaking the law while committing a crime like child pornography. Thus, users are confused and pay immediately to save themselves and remove ransomware.