Be aware of the latest malware’s attack on Android smartphones.
Lincolnshire Police has issued warning for smartphone users to stay aware of a malicious text message that is being spread over Android phones. It’s a new form of Android malicious software. It’s called ‘Worm.Koler.A’. Uncovered by security firm Adaptive as a variant of ‘Android.Koler’, the malware-message will typically read ‘someone made a profile named -[the contact’s name]- and he/she uploaded some of your photos! Is that you?’
Then there will be a ‘bit.ly’ URL and when someone clicks on this link, it redirects the victim to file-hosting service. The page encourages user to download an app with name ‘Photoviewer’. If the victim downloads the app and install it in the device, a pop-up screen appears that says police has locked your device, and you must pay to a particular amount to unlock it.
In the mean time when user is stunned by the locked screen, malware performs other activity in background. It begins to send a message to all the contact in the phone. Because it is send via victim’s phone, it appears very authentic.
As said by Lincolnshire Police’s spokesman that the malware currently appears to be aimed at US because the pop-up screens showing up on a blocked device, seem to be originated from the FBI itself. On the other side, the malware has already or likely to affect UK’s users but no single report has been received by National Fraud Intelligence Bureau.
Lincolnshire police has advised users that if they are not sure about message-content or link, they should avoid clicking it. In case you have also received a message like this from a person you know very well, contact the sender and ask whether he/she really send such message.
Also avoid downloading apps from places other than Google Play as it’s the only place you can stay assured that the downloaded app will have no malware infection. Any page accessed via link mentioned in a text message is always suspicious and if the page is encouraging you to download an app which is not available in Google Play, you should not do it at all, regardless this presently circulating malware called ‘Android.Koler’.
In case your device is infected with this ransomwar, users have one way left – perform the manufacturer device reset procedure and then re-install apps. The infection can also cause potential loss of photos. You will of course miss the lost photos that you have never backed up.
In case the malware restricts users from accessing device settings, it can be put on safe mode and then the app can be removed. As you remove the app, do complete reset to it.
For more information, you can contact Lincolnshire Police Crime Deduction Unit at email@example.com.