Skip to main content
  1. Home
  2. Mobile
  3. News

New Android ransomware is spreading through text messages

By
 

There’s a new type of Android ransomware making the rounds that leverages SMS text messages to spread, according to a new report from cybersecurity company ESET. The ransomware has been active since July 12, and essentially uses victims’ contacts lists to spread.

Recommended Videos

According to the ESET blog post, the malware is called Android/Filecoder.C, and was first distributed on Android developer forums on Reddit, including the XDA Developers subreddit. On these forums, the malware was distributed through pornographic posts.

Please enable Javascript to view this content

Usually, the ransomware is disguised as an online sex simulator game, but sometimes its also a tech-related app. Once downloaded, the infected .APK file initiates contact with a server to access a list of addresses and encrypt and decrypt files in the background. It then sends the text messages, and scans the device to encrypt files with the extension “.seven.” That prevents users from being able to access files on their own device. Users are then told that to decrypt their files, they have to pay a ransom — which is usually between $94 and $188 — in the form of Bitcoin. According to the report, the ransom message could be shown in one of 42 languages, maximizing its reach. The malware is able to choose the language of the system, so the user can understand it. Once the ransom is paid, a the private key is sent to the victim, and they can then decrypt the files.

Once the malware is on a device, it’s able to send text messages to contacts on the phone with a link to an app that apparently uses the recipients’ photos — when, of course, it’s actually a malicious app. Sometimes, the link is masked using a bit.ly link.

It’s important to note that if you do find yourself with the malware, your files may not be lost, and you may not have to pay the ransom. According to ESET, while the ransom message says that files will be deleted in 72 hours, that isn’t always the case. Not only that, but encrypted files can be recovered without paying the attackers — though ESET is quick to note that if the attackers fix the flaws, the malware could become more advanced and become a more serious threat.

So how can you prevent being attacked? Simple — don’t download any apps from third-party sources, and don’t click on links sent via text message that tell you your photos are being used in an app.

Editors’ Recommendations

Topics
Christian de Looper
Christian de Looper
Contributor
Christian de Looper is a long-time freelance writer who has covered every facet of the consumer tech and electric vehicle…
Perplexity’s new AI agent can perform multi-step tasks on your Android device
Running Perplexity on OnePlus Pad 2.

Perplexity announced Thursday that it is beginning to roll out an agentic AI for Android devices, called Perplexity Assistant, which will be able to independently take multi-step actions on behalf of its user.

"We are excited to launch the Perplexity Assistant to all Android users," Perplexity CEO Aravind Srinivas wrote in a post to X on Thursday. "This marks the transition for Perplexity from an answer engine to a natively integrated assistant that can call other apps and perform basic tasks for you."

Read more
I finally tried the Android tablet made for seniors, and I’m impressed
GrandPad on Wireless Charging Dock with Grandie Chat

GrandPad, the Android tablet designed for seniors, has been around for years. However, it's not something I've ever been able to try for myself. I had a chance to change that at CES 2025, so I did.

What I discovered is a surprisingly competent senior-focused Android tablet, and one that now has a splash of AI to boot. Here's what I learned during my hands-on time with the GrandPad.
A tablet tailored for seniors

Read more
This Android 16 feature will change how you multitask forever
Three apps running side by side using multitasking features on a OnePlus Open held in hand.

Google is not expected to release Android 16 to the public for a few months, but there has already been significant buzz around the update. The most recent news about the update comes from Android Authority, and it’s particularly exciting for tablet users.

The report indicates that Android 16 will significantly enhance the split-screen mode. Inspired by OnePlus’ Open Canvas feature for the OnePlus Open—and later adapted for the OnePlus Pad 2—this update will enable users to run up to three apps simultaneously. Two apps will occupy 90% of the display in this setup, while the third will take up the remaining 10%.

Read more