Malware

ScarePakage ransomware warns Android users of FBI probe

Share

Lookout has identified what it calls ScarePakage mobile ransomware that not only renders phones inoperable and data inaccessible, but sends users a message that they are being investigated by the FBI in an attempt to extort several hundred dollars via a MoneyPak voucher.

The ransomware masquerades as popular apps such as Adobe Flash and anti-virus apps, then acts as if its scanning a victim's phone, according to a blog post penned by Lookout's Meghan Kelly. 

Once the “scan” is complete, it locks the phone and makes it difficult to turn off. ScarePakage uses a Java TimerTask, running every 10 milliseconds, to effectively kill other running processes that a user might interact with. An Android WakeLock keeps the device from going to sleep. 

The ransomware, which can steal a user's IMEI, is very similar to ransomware known as ColdBrother or Svpeng.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.