New Android Ransomware Variant of Simplocker Infects Tens of Thousands of Devices

Tens of thousands of Android devices have potentially been affected by a new variant of the Simplocker ransomware. Ransomware is a malicious type of software that either locks or encrypts your files or device, and leaves an alarming message demanding that the owner of the device pay a “ransom” to get their files or control of their device back.

This malware masquerades as a legitimate application, looking exactly like one you might find in the official Google Play Store. Once installed, it encrypts files on the device and displays an image posing as a warning from the US National Security Agency (NSA). The message claims that the user has conducted illegal activity and asks them to pay a fine:


The research comes from Checkpoint, which analyzed a malware sample first reported by Avast earlier this year. Checkpoint estimated that tens of thousands of Android devices have been infected with this threat, and that the majority of victims were located in the US. The company added that around 10 percent of victims paid between US$200 and $500 in ransom payments, allowing the attackers to earn between $200,000 and $500,000 for every 10,000 infections.

Symantec and Norton Protection

Symantec and Norton products detect this ransomware Trojan, Android.Simplocker.B.

If you have an Android device, you can download Norton Mobile Security for free.

For robust protection on all of your devices, check out Norton Security.

Symantec Security Response researchers are collecting the new samples mentioned in Checkpoint’s blog to see if detections need to be updated.

Top Tips To Safeguard Your Device from Ransomware:

  1. Don’t pay the ransom. These criminals are trying to extort you. The chances that you’ll get your files back are slim, and, by paying the ransom, you’re funding the bad guys so that they can continue to commit this crime. By not paying the ransom, you’re helping to defund their organization.
  2. Back up your device. By backing up your device regularly, you always have your files safely in hand, and you don’t have to worry about losing them, should a bad guy try to hold your device for ransom.
  3. Be wary of emails from senders you don’t know, particularly if those emails have attachments or links. Whatever you do, don’t click! Those attachments or links could provide a path for malware to get onto your device, letting the cybercriminals in.
  4. Avoid downloading apps from third party app markets, and be wary of “free” apps that seem to offer benefits that are “too good to be true” (free in-app purchases, free versions of paid apps, etc.). If you have Norton Security or Norton Mobile Security on your device, Norton Mobile Insight technology can screen apps in Google Play before you download them, letting you know which apps are trusted and secure.