In the city-state of Singapore, there are posters all over the place that cautions you against taking lewd photos of yourself and sharing it with a stranger online, lest it leads to “sex-tortion”. That is sound advice, and it would be a major embarrassment if your family and friends were to see your supposedly private photos, right? The Trojan.Koler.A is an Android Ransomware that disables handsets until $300 is actually paid to scammers
Ransomware actually points an accusing finger at the device’s owner, citing that he or she might actually have checked out illegal pornography, before it threatens the handset’s owner with action by authorities. Koler.A “works” by making use of the country location and IP of the device in order to tailor specific warnings, with the request for a $300 fine to be paid using “untraceable payment mechanisms such as Paysafecard or uKash”, hanging the threat of the local authorities investigating your case.
This trojan would prevent infected handsets from accessing the home screen, which means majority of the actions on the phone itself is more or less impossible to access. If one decides to dismiss the message, it will pop up again in under 5 seconds.
Devices can be infected via traffic distribution systems that are more often than not located in infected ads, which will redirect users to such malicious sites. When one drops by one of these sites, downloads will be triggered unless the Android user is seasoned enough to ensure that all downloads outside of Google Play is automatically rejected.