Researchers discovered a new variant of the Frantic Locker malware.
Don’t bother checking the TV guide tonight: all that’s on is ransomware.
Researchers at Trend Micro discovered an updated version of the Frantic Locker (FLocker) malware that is capable of locking smart TVs.
Launched in May 2015, FLocker initially targeted Android phones with the Unknown Source setting toggled on. But an improved variant appears capable of infecting Android-powered televisions.
FLocker locks a device’s screen, displays a fake notice from US Cyber Police or another law enforcement agency, accuses potential victims of crimes they did not commit, and demands $200 worth of iTunes gift card as ransom.
“There are no major differences between a FLocker variant that can infect a mobile device and one that affects smart TVs,” Trend Micro researcher Echo Duan wrote in a blog post.
In the last year, Trend Micro uncovered more than 7,000 variants of the malware; the latest spike came in mid-April when 1,200-plus new ones appeared.
Android users in Kazakhstan, Azerbaijan, Bulgaria, Georgia, Hungary, Ukraine, Russia, Armenia, and Belarus are safe from harm: If FLocker detects the device is located in any of those Eastern European countries, it deactivates itself.
Everyone else is at risk: Once it recognizes a compatible target, FLocker waits for 30 minutes after infecting the unit before running its routine, Duan explained. The ransom webpage fits the screen, regardless of shape or size. While the screen is locked, a hacker can collect device information, phone numbers, contacts, real-time location, and other private details.
“Ransomware usually reach users via spam SMS or malicious links,” Duan said. “This is why users should be wary when browsing the Internet or when receiving messages or emails from unknown sources.”
In the case that you are duped, Trend Micro urges users to contact their device vendor—be it a phone carrier or TV merchant.