Skip to main content
  1. Home
  2. Phones
  3. Android
  4. Mobile
  5. News

New Android ransomware is spreading through text messages

Add as a preferred source on Google
 

There’s a new type of Android ransomware making the rounds that leverages SMS text messages to spread, according to a new report from cybersecurity company ESET. The ransomware has been active since July 12, and essentially uses victims’ contacts lists to spread.

Recommended Videos

According to the ESET blog post, the malware is called Android/Filecoder.C, and was first distributed on Android developer forums on Reddit, including the XDA Developers subreddit. On these forums, the malware was distributed through pornographic posts.

Usually, the ransomware is disguised as an online sex simulator game, but sometimes its also a tech-related app. Once downloaded, the infected .APK file initiates contact with a server to access a list of addresses and encrypt and decrypt files in the background. It then sends the text messages, and scans the device to encrypt files with the extension “.seven.” That prevents users from being able to access files on their own device. Users are then told that to decrypt their files, they have to pay a ransom — which is usually between $94 and $188 — in the form of Bitcoin. According to the report, the ransom message could be shown in one of 42 languages, maximizing its reach. The malware is able to choose the language of the system, so the user can understand it. Once the ransom is paid, a the private key is sent to the victim, and they can then decrypt the files.

Once the malware is on a device, it’s able to send text messages to contacts on the phone with a link to an app that apparently uses the recipients’ photos — when, of course, it’s actually a malicious app. Sometimes, the link is masked using a bit.ly link.

It’s important to note that if you do find yourself with the malware, your files may not be lost, and you may not have to pay the ransom. According to ESET, while the ransom message says that files will be deleted in 72 hours, that isn’t always the case. Not only that, but encrypted files can be recovered without paying the attackers — though ESET is quick to note that if the attackers fix the flaws, the malware could become more advanced and become a more serious threat.

So how can you prevent being attacked? Simple — don’t download any apps from third-party sources, and don’t click on links sent via text message that tell you your photos are being used in an app.

Christian de Looper
Christian de Looper is a long-time freelance writer who has covered every facet of the consumer tech and electric vehicle…
Google’s next Gemini upgrade might not arrive as soon as expected
Even Google's AI needs more time to finish its homework
google-gemini-ai-news-accuracy

Google helped kickstart the modern AI race, but staying ahead has turned out to be far more difficult than joining it. According to a new Bloomberg report, the company has fallen months behind its internal schedule for launching Gemini 3.5 Pro, its next flagship AI model, as engineers continue working to improve one of its biggest weaknesses: coding.

The delay isn't simply about polishing another chatbot. It highlights a broader problem facing Google, where massive engineering teams, multiple product divisions and increasingly strict AI safety requirements are slowing the company's ability to respond to rivals that seem happy to move much faster.

Read more
The iPhone 18 Pro Max camera could open and close like a real lens for better portraits
A leaked factory log just spoiled the iPhone 18 Pro Max’s best camera upgrade
iphone 18 pro

Apple’s next flagship camera may learn how to open and close its eye. A diagnostic log reportedly connected to the iPhone 18 Pro Max contains calibration data for a variable-aperture main camera, according to Notebookcheck.

The internal document was found among files allegedly stolen from Apple supplier Tata Electronics and released by the World Leaks ransomware group. Apple has neither verified the material nor commented on the report. And of course, Apple has neither verified the material nor commented on the report.

Read more
Messi or Ronaldo? Caviar made football’s greatest rivalry an expensive 24-karat choice
Football’s biggest debate just became Android vs iPhone
Samsung Galaxy Z Fold 8 Ultra and iPhone 17 Pro with 24-karat gold design with Ronaldo and Messi etching

Caviar has moved football’s greatest debate onto another fiercely contested battlefield. The Android versus iPhone discussion is getting more heated by adding Ronaldo and Messi to the mix. The luxury-device company's new Legends collection pairs Lionel Messi with a customized Samsung Galaxy Z Fold 8 Ultra, while Cristiano Ronaldo gets an iPhone 17 Pro and iPhone 17 Pro Max. Both designs use handcrafted cloisonné enamel and 24-karat gold plating, with prices starting at $18,382 for Messi’s foldable and $15,974 for Ronaldo’s iPhone.

Messi gets the foldable, Ronaldo gets the iPhone

Read more