You may receive something like this sinister message on your Android device:
You need to pay for us. Otherwise, we will sell portion of your personal information on black market every 30 minutes. WE GIVE 100% GUARANTEE THAT ALL FILES WILL RESTORE AFTER WE RECEIVE PAYMENT. WE WILL UNLOCK THE MOBILE DEVICE AND DELETE ALL YOUR DATA FROM OUR SERVER! TURNING OFF YOUR PHONE IS MEANINGLESS, ALL YOUR DATA IS ALREADY STORED ON OUR SERVERS! WE STILL CAN SELLING IT FOR SPAM, FAKE, BANK CRIME [etc]… We collect and download all of your personal data; all information about your social networks, bank accounts, credit cards. We collect all data about your friends and family.
This virus was discovered embedded in an app called EnergyRescue—the app is supposed to extend a device’s battery life. If the app is downloaded and installed, then given permissions to your phone or tablet—it locks the device until you pay a fee to have it unlocked.
Here is a screenshot of the app on Google Play (it could not be found in the Google Play store, as of the time of this post’s original publish):Image: apkplz.com/casual/energy-rescue
The virus, dubbed “Charger,” is an example of ransomware; your device is held hostage until you pay what is essentially a ransom fee to have it unlocked. This particular virus was discovered by the cybersecurity firm Check Point. According to the researchers, the virus demands that you pay what amounts to about $180 in bitcoins to unlock the infected device.
According to a statement from Check Point, “The malware was caught before it began to spread, so only a handful of devices were infected.” However, the same app is still available from third-party app stores, including this one.
Best practices dictate that you should not download apps from any source other than Google Play for Android devices. It’s not a 100% guarantee that you will never download malware, but apps on Google Play are pretty well-vetted.
Don’t pay hackers, if you get a virus asking for money. Instead, Avast, recommends a list of free ransomware removal tools. For business devices, you should look into a complete business solution, such as Check Point’s Mobile Threat Prevention tool.
If you are interested in the details of this particular bit of malware, reach Check Point’s blog entry on the Charger malware.