A new form of malware dubbed 'ScarePakage' is targeting U.S. smartphone owners and can render devices inoperable, according to security firm Lookout. The mobile ransomware tricks users by claiming it's from the FBI, saying phone owners are being investigated for alleged crimes. Once a device is compromised, the ransomware demands "several hundred dollars" or the device will remain under control of ScarePakage.
The ScarePakage ransomware doesn't need root administrator access, and has been designed to be overly intrusive. It runs a Java TimerTask every 10 milliseconds to prevent any other applications or processes to shut down, and stops hijacked devices from going into sleep mode.
"Mobile ransomware in and of itself is a fairly new tactic from malware authors and this is one of the first we've seen targeting the U.S. specifically," said Jeremy Linden, Lookout Senior Security Product Manager, in a statement to TweakTown. "That said, we are less concerned about ScarePakage distributes itself and more concerned about how difficult to remove it is. Once the application has device administrator permissions, it is very hard to regain control of the device."
To counter these threats, Lookout recommends users avoid giving device administrator privileges to applications except for apps where users are fully sure of how they operate. Also, applications should only be downloaded from official app stores or developers that users know and trust. Running some type of mobile security suite helps add another layer of defense to prevent many threats from successfully executing.
Much like other increasingly sophisticated malware threats, it appears ScarePakage was created by Russian - or other Eastern European cybercriminals - in a continued effort to target western users.