This article was published on April 28, 2020

New Android ransomware threatens to ‘expose’ your porn escapades to the FBI

... unless you pay $500 (but not in Bitcoin)


No, the feds don’t care about the porn you may or may not have downloaded — but hackers sure want you to believe so.

There’s a new Android ransomware that encrypts your files and poses as the FBI to trick you into providing your credit card information. Dubbed Black Rose Lucy, the malicious app accuses victims of storing porn on their phone, and warns that their details have been uploaded to the FBI Cyber Crime Department’s data center.

It also comes with a list of “legal offenses” the user has allegedly committed. None of this, of course, is true. Instead, it’s merely a tactic for the attackers to pressure potential victims into paying a $500 “fine” via credit card. Weirdly enough, the hackers insist on credit card payments, and “not Bitcoin.”

The researchers warn the ransomware spreads through various social media and messengers, disguising itself as a “video streaming optimizer.” It then tricks users into enabling Android’s accessibility service and grants itself administrative privileges, which allows it to encrypt your files and display a ransom note.

Black Rose Lucy was discovered by researchers from security firm Check Point, which first came across the Lucy ransomware family in 2018. Originating from Russia, Lucy is a malware-as-a-service botnet which downloads and installs new threats with ransomware capabilities.

The malware has evolved since then, though. “We are seeing an evolution in mobile ransomware: It’s becoming more sophisticated and efficient,” said Check Point’s Aviran Hazum. “Threat actors are learning fast, drawing from their experience of past campaigns, and the impersonation of a message from the FBI is a clear scare tactic.”

Sextortion scams are nothing new. In fact, researchers from Digital Shadows found that in 2019 attackers netted over $300,000 worth of Bitcoin by blackmailing users over email. Black Rose Lucy takes this scam to a new level, though, since it actually takes your phone hostage.

To avoid falling victim to Black Rose Lucy, make sure you download apps only from trusted sources, like the Google Play Store (though even that isn’t always safe, as we’ve previously seen).
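
Because the app arrives from outside an app store and then asks for Android’s accessibility service, one defensive check is to list enabled accessibility services whose package was not installed by a trusted store. The script below is an added example, not code from the article or from Check Point; the function name, the trusted-installer list and the `com.example.*` sample data are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag enabled accessibility services owned by packages that
# were not installed by a trusted store.
# TRUSTED_INSTALLERS is an assumption; preinstalled system packages report
# installer=null and need their own allow-list entry.
TRUSTED_INSTALLERS="com.android.vending"

# $1: output of `settings get secure enabled_accessibility_services`
# $2: output of `pm list packages -i`
flag_sideloaded_a11y() {
  local services="$1" packages="$2" entry pkg installer
  # `settings get` prints "null" when no accessibility service is enabled
  if [ -z "$services" ] || [ "$services" = "null" ]; then return 0; fi
  printf '%s\n' "$services" | tr ':' '\n' | while IFS= read -r entry; do
    [ -n "$entry" ] || continue
    pkg="${entry%%/*}"   # entries look like package/ServiceClass
    installer=$(printf '%s\n' "$packages" |
      awk -v p="package:$pkg" '$1 == p { sub(/^installer=/, "", $2); print $2; exit }')
    case " $TRUSTED_INSTALLERS " in
      *" $installer "*) ;;   # installed by a trusted store: ignore
      *) printf '%s installer=%s\n' "$entry" "${installer:-unknown}" ;;
    esac
  done
}

# Constructed sample data (hypothetical package names), so the check runs offline.
SAMPLE_SERVICES='com.google.android.marvin.talkback/com.google.android.marvin.talkback.TalkBackService:com.example.streamoptimizer/com.example.streamoptimizer.OptService'
SAMPLE_PACKAGES='package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.streamoptimizer  installer=com.android.packageinstaller
package:com.example.notes  installer=com.android.vending'

if [ "${1:-}" = "--device" ]; then
  # Live audit of a phone connected over adb (USB debugging enabled).
  flag_sideloaded_a11y \
    "$(adb shell settings get secure enabled_accessibility_services | tr -d '\r')" \
    "$(adb shell pm list packages -i | tr -d '\r')"
else
  flag_sideloaded_a11y "$SAMPLE_SERVICES" "$SAMPLE_PACKAGES"
fi
```

Run it with `--device` to audit a connected phone; without arguments it evaluates the constructed sample and reports only the sideloaded package.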