This new variant, discovered by Zscaler, appears to target Russian speaking Android owners. It’s a cloned version of popular apps that is uploaded to 3rd party app stores. It waits 4 hours before kicking off a bunch of popup screens and finally holding the phone for ransom. While the ransom demand is low at about $8-$10 (500 Russian rubles), it’s still a good lesson to only download apps from legit stores.
Erich Kron, Security Awareness Advocate at KnowBe4, is a veteran information security professional with over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. Erich has worked with information security professionals around the world to provide the tools, training and educational opportunities to succeed in InfoSec