Symantec has detected the first Ransomware threat targeting Android devices.
FakeAV software, a type of scam, uses malware that intentionally misrepresents the security status of a computer and attempts to convince the user to purchase a full version of the software in order to remediate non-existing infections. Messages continue to plague on the desktop until the payment is made, or until the malware is removed.
This type of fraud, which began several years ago, has evolved over time and has made its way onto Android devices. Symantec has uncovered Android.Fakedefender, that locks up the device just like Ransomware.
Once the malicious app has been installed, the user experience will vary according to compatibility issues with various devices. Many users will be unable to uninstall the malicious app as the malware will attempt to prevent other others from being launched. The threat also alters the settings of the operating system, and in some cases, users may not even be able to perform a factory data reset on the device, and will be forced to do a hard reset which involves performing specific key combinations and/or connecting the device to a computer in order to perform a reset using software provided by the manufacturer. If they are lucky, some users would be able to do a simple uninstall because the app may crash when executed due to compatibility issues.
Symantec is expecting FakeAV on the Android platform to develop into a serious issue just like it did on computers. As these threats may be difficult to get rid of once installed, Symantec advises installing a security app, such as Norton Mobile Security or Symantec Mobile Security, on your device. Malicious apps can also be avoided by downloading and installing apps from trusted sources.