ActionFraud - National Fraud & Cyber Crime Reporting Centre - Call 0300 123 2040

Simplocker - Android malware that encrypts your data and demands ransom

A new strain of malware has been discovered by researchers that encrypts the data on Android smartphones and then demands payment to unlock it.

Samsung galaxy

The way Simplocker works is simple. Once the device is infected with the malware it scans victims' SD memory cards for certain files, including images, PDFs, audio files and other documents. When the scan is complete, Simplocker encrypts the data so that it cannot be viewed or edited until the user agrees to pay to have it unlocked.

ESET, the security company that analysed the malware say that Simplocker appears to only be active in the Ukraine and is not found on Android's official Google Play Store.

Simplocker demands a payment of 260 Ukrainian hryvnias (£13) to decrypt victims' files. Simplocker is significantly weaker than that of Cryptolocker, the widespread Windows ransomware that the National Crime Agency has warned about this week.

How to protect your Android device and data from malware

  • Only install your applications from official app stores like Google Play.
  • Make sure you install a reputable anti-virus program to scan all new apps automatically before they run for the first time.
  • Regularly back up all of your data on your phone, either manually or by connecting to a PC.
  • Ensure you are running the latest update of Android available to make sure you get the latest security benefits.
  • Treat your smartphone like a PC, never click on suspicious links or download unsolicited attachments.

If you smartphone or computer is ever infected with ransomware never to pay the ransom as there is no guarantee the cybercrimnals will unlock your data - instead seek professional IT advice and report it to us.

For further information visit ESET website.

Please note that Action Fraud is not responsible for the content of external websites.

If you’ve lost money or information or your computer/smartphone has been taken over by a phishing or malware attack report it to Action Fraud.

Related links

Look out for Android “police” malware

Mobile malware and malicious apps reach one million

Most shared articles

Related articles