{"id":7727,"date":"2017-05-22T07:11:17","date_gmt":"2017-05-22T15:11:17","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/05\/22\/news-1512\/"},"modified":"2017-05-22T07:11:17","modified_gmt":"2017-05-22T15:11:17","slug":"news-1512","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/05\/22\/news-1512\/","title":{"rendered":"Mobile Menace Monday: Ransomware targets Tencent users"},"content":{"rendered":"

Credit to Author: Nathan Collier| Date: Mon, 22 May 2017 14:00:31 +0000<\/strong><\/p>\n

Early this April, an increase of infection rates by a variant of ransomware known as Android\/Ransom.SLocker.fh was seen.<\/p>\n

Ransomware targets\u00a0Tencent users<\/h3>\n

An especially relevant trait of SLocker.fh is its use of Tenpay to send payment to the criminals. Tenpay is an integrated payment platform by Tencent\u00a0\u2014 China\u2019s largest Internet service portals. Thus, it is no surprise that SLocker.fh originates from China.<\/p>\n

In order to\u00a0pay, users must have a QQ ID to send payment; which is provided. \u00a0Since\u00a0Tencent’s most popular\u00a0platform is QQ Instant Messenger, the criminals are probably targeting these users the most.<\/p>\n

Various iterations to fool users<\/h3>\n

Like many Android ransomware apps, SLocker.fh masquerades as various legitimate apps to fool users into accepting escalated rights. Users who\u00a0accept the escalated rights will have their\u00a0device forced to reboot. \u00a0After reboot, users will have their device locked with overlaying screen with instructions to pay.<\/p>\n

Click to view slideshow.<\/a> Click to view slideshow.<\/a> <\/p>\n

Stay protected<\/h3>\n

Because Android ransomware is on the rise, users should be extra cautious. You can protect yourself by being cautious of giving superuser and\/or device administrator rights to any app that asks for it. If the app looks shady like the two example above, this is especially true.<\/p>\n

So you’re infected with ransomware<\/h3>\n

A\u00a0good\u00a0anti-malware scanner like Malwarebytes Anti-Malware Mobile<\/a> can remove the ransomware, but only\u00a0BEFORE escalated rights are\u00a0granted. Afterward, it becomes a bit harder. For how to remove such infections, refer to blog post “Difficulty removing Koler Trojan or other ransomware on Android?<\/a>”<\/p>\n

As always, stay safe out there.<\/p>\n

The post Mobile Menace Monday: Ransomware targets Tencent users<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Nathan Collier| Date: Mon, 22 May 2017 14:00:31 +0000<\/strong><\/p>\n\n\n\n
<\/a><\/td>\n<\/tr>\n
Because Android ransomware is on the raise, users should be extra cautious.<\/p>\n

Categories: <\/p>\n