New 'El Gato' Android ransomware may sound cute, but it packs a punch

el gato android ransomware cat
Flickr/Jarjav CC
A killer software cat may be coming for your text messages, according to a threat report by McAfee Labs Mobile Malware Research team. It’s been dubbed “El Gato” — “The Cat,” in Spanish — because the Android malware’s code contains, of all things, an image of a yowling tabby.

McAfee discovered an instance of El Gato running on a compromised server, but noted that it appeared inert — it wasn’t password protected, and “included code words such as MyDifficultPassw.” 

Unlike the pictured kitty, El Gato is anything but cute and cuddly. The malicious software is a form of ransomware, code that renders a device unusable until the victim forks over money. This one is particularly sophisticated, from the sound of it — El Gato can encrypt files, steal text messages, and even “block access” to the affected handset or tablet entirely.

El Gato accomplishes most of its nasty shenanigans remotely, via a connection with an offshore server. It constantly monitors an infected device’s internet connection for commands and, once it receives them, executes on them. Among the most common functions McAfee’s researchers discovered were sending messages from the infected device, forwarding and deleting text messages, locking the device’s screen, and crashing a specific application. Worryingly, it’s capable of performing many of those tasks clandestinely, in the background, making them effectively invisible to victims.

The image contained in El Gato's code.
The image contained in El Gato’s code.

Most of El Gato’s commands are dispatched through a surprisingly polished web-based interface, said McAfee. They can be executed in sequence or individually — stealing a text message, frighteningly, is as easy as clicking a button in a web browser.

Perhaps worse yet, El Gato is capable of encrypting all files on the device’s internal storage — rendering it essentially unusable without the randomly generated password it generates. It contains a means of reversing the damage — the malware has can decrypt any file it secures — but presumably only after an affected user hands over whatever form of payment the attacker demands.

There’s good news, though: as far as malware goes, El Gato is relatively harmless. It hasn’t been observed in the wild yet, and its traffic is entirely unencrypted, making it susceptible to countermeasures. In other words, El Gato’s commands could be intercepted, isolated, and rendered harmless.

El Gato may be the latest instance of ransomware to emerge on Android, but it’s hardly the first. In May, cybersecurity analysts at Malwarebytes Labs discovered Cyber.Police, a malicious app that displayed a countdown timer, threatening message, and an explicit pornographic image to victims. It demanded that users purchase iTunes gift cards in exchange for an unlock code — a component which El Gato thankfully lacks, as of yet.


Xiaomi Mi 9 will be one of the first phones with monster Snapdragon 855 chip

Xiaomi's next major smartphone release will be the Mi 9, and the company hasn't held back in giving us a good look at the phone, revealing the design, the camera, and a stunning color.

These 30 useful apps are absolutely essential for Mac lovers

There are literally hundreds of thousands of great software programs compatible with MacOS, but which should you download? Look no further than our list of the best Mac apps you can find.

These are the 6 best free antivirus apps to help protect your MacBook

Malware protection is more important than ever, even if you eschew Windows in favor of Apple's desktop platform. Thankfully, protecting your machine is as easy as choosing from the best free antivirus apps for Mac suites.

Samsung teases it will reveal its foldable phone during the Galaxy S10 event

Samsung has been showcasing bendable display tech for a few years and now a folding smartphone might finally arrive. The Galaxy X, or perhaps the Galaxy Fold, may be the company's first example. Here's everything we know about it.

Galaxy Watch Active isn't official yet, but you can see it in Samsung's own app

Samsung may be about to resurrect its Sport line of smartwatches under a new name: The Galaxy Watch Sport Active. Leaks and rumors are building our picture of the device at the moment.

Stop buying old tablets, says Samsung, buy the new Galaxy Tab S5e instead

Samsung has launched the Galaxy Tab S5e -- the E is for Essential -- a reasonably priced tablet that includes many of the features we like from the Tab A 10.5, and the Tab S4. Here's what you need to know.

Focals succeed where Google Glass fumbled (but do we really need smartglasses?)

It’s been seven years since Google took the wraps off Google Glass. Now, we’re finally getting a modern-day equivalent we want to wear. North’s Focals combine subtle style with an intuitive interface to craft smartglasses you’ll…

Bag yourself a bargain with the best budget tablets under $200

The battle for your budget tablet affections is really ramping up. Which tablet, costing less than $200, should be commanding your attention? We take a look at some different options for the budget-conscious.

What is Wi-Fi 6? Here's a look at the next evolution of the wireless standard

We're exploring the new naming convention for wireless standards, how it affects the devices you buy, and what the upcoming Wi-Fi generation is changing for the better.
Home Theater

Samsung accidentally leaks its new Galaxy Buds ahead of launch

It's been all but certain that Samsung would launch a successor to its Gear IconX wireless earbuds soon, but a newly leaked photo and recent FCC certification document seems to indicate that the debut is very close.
Home Theater

Hi-res streaming audio service Qobuz arrives in U.S., threatens Tidal’s monopoly

For several years, Tidal enjoyed a monopoly on hi-res music streaming in the U.S. Now, French company Qobuz is here to offer some competition with a variety of monthly plans starting at $10 a month.

These 13 gadgets walk a fine line between ingenious and insane

The annual avalanche of devices and gadgets is astounding, but how many will succeed? A few are destined to spark new trends, while the majority fade deservedly into obscurity. We look at some gadgets on the border of brilliant and bonkers.

OnePlus 6T vs. Honor View 20: We compare the cameras in these ‘flagship killers’

For less than $600, you can buy either the OnePlus 6T or the Honor View 20, two extremely capable smartphones with plenty of exciting features. But which one has the best camera? We found out on a recent trip to France.

Save space on your iPhone by turning off Live Photos in the camera app

If you want to save storage space on your iPhone or reduce the size of your backup for iCloud, then you should think about turning off Live Photos in the camera app. Find out exactly how to do it with our easy guide.