ScarePakage ransomware warns Android users of FBI probe | SC Media
Threats, Malware

ScarePakage ransomware warns Android users of FBI probe

July 17, 2014

Lookout has identified what it calls ScarePakage mobile ransomware that not only renders phones inoperable and data inaccessible, but sends users a message that they are being investigated by the FBI in an attempt to extort several hundred dollars via a MoneyPak voucher.

The ransomware masquerades as popular apps such as Adobe Flash and anti-virus apps, then acts as if its scanning a victim's phone, according to a blog post penned by Lookout's Meghan Kelly. 

Once the “scan” is complete, it locks the phone and makes it difficult to turn off. ScarePakage uses a Java TimerTask, running every 10 milliseconds, to effectively kill other running processes that a user might interact with. An Android WakeLock keeps the device from going to sleep. 

The ransomware, which can steal a user's IMEI, is very similar to ransomware known as ColdBrother or Svpeng.

prestitial ad