Flocker infects even smart TVs and ask for a ransom to unlock them
A ransomware threat called FLocker, known more as the “Cyber Police Virus” has been infecting smartphone and tablet devices from quite a time now. Its creators are working hard on updating and spreading the threat, which usually comes through spam messages or malicious links. The new updates enable the malware to infect even smart TVs and ask a ransom to unlock them.
In its latest version, Flocker comes as a Trojan horse infection and is pretending to be the US Cyber Police. It may be covered under other enforcement agency names and is usually acting by accusing its victims of cyber crimes, which of course are fake. This tactic is used to panic the unsuspecting victims and make them act impulsively by paying $ 200 as a “fine” for their crimes.
Want to watch TV? – Pay a ransom!
Unlike other threats from the ransomware family, Flocker reaches a bit far in its infection abilities. Security experts are saying that apart from mobile devices, Flocker can infect even smart TVs. According to their analysis, the same threat could be effectively used to infect Android Smart TV without the need of other special updates or modifications. This ability, unfortunately, indicates another huge market for ransomware to take advantage of and make users pay for having access to their TVs.
The “Cyber Police Virus” is very good at hiding itself. It is even able to fool static code analysis, and sneak through a dynamic sandbox protection. The infection is targeting users worldwide and even personalizing the ransom note message. To look more trustworthy, the fake Cyber Police message includes the IP address and the photo of the victim. In some cases, this is more than enough for them to get panicked and pay the ransom fine. However, the funny thing is that the fine is demanded in iTunes gift cards, and this certainly is not the way to pay fines issued by official institutions or law authorities. This fact itself may wake up the victims’ alertness and prevent them from losing their money in a ransom.
If an Android TV gets infected, experts advise users to contact the device vendor for solution and support. In case this is not possible, victims may try to remove the malware by enabling the ADB debugging function. This could be done when the smart TV is connected to a PC and the ADB shell is launched. A “PM clear %pkg%” command should be executed that stops the ransomware process and unlocks the screen. Then, the victims can deactivate the device admin privilege that Flocker granted itself and successfully uninstall the malicious application. However, we believe that prevention is always preferable rather than having to deal with all that infection. Therefore, being smart when interacting with online content is crucial for the health of all our devices.