Check Point Reveals black rose lucy Ransomware Attack
Smartphone Ransomware, Black Rose Lucy With No Payments Involving Crypto Resurfaced
April 29, 2020
Check Point Reveals black rose lucy Ransomware Attack
Smartphone Ransomware, Black Rose Lucy With No Payments Involving Crypto Resurfaced
April 29, 2020

A recent research report from Check Point Research, the leading cybersecurity firm, has revealed a ransomware attack, where cyber criminals pose as the FBI to demand victims pay their “fine” by credit card.

On April 28, it has been reported that the malware, known as “Black Rose Lucy,” is unusual, since there are no ransom payments involving cryptocurrencies like Bitcoins and it affects users of mobile devices with Android as an operating system. Distribution of the malware is social based, researchers said, where targets are enticed to download a video player booby-trapped with the Lucy dropper.

The malware family, operated by the Lucy Gang, encrypts targeted Android devices and delivers a spoofed FBI message. The ransom note claims the phone’s user has visited “forbidden pornographic sites” on their phone and that a “snapshot” of their face was uploaded to the agency. Pay $500 and the problem goes away, according to Check Point security researchers.

ALSO READ :  Blockchain Service Network Introduces Another Batch Of Major Blockchain Protocols

However, Check Point had already traced the beginnings of the malware back in September 2018, originating in Russia as a “Malware-as-a-Service” (MaaS) botnet, as it took the form of ransomware to make various changes to the device and install malicious applications.

As per report, Check Point Research found that the malicious script now hosts additional features, such as its ransomware component, the ability to take control of the victim’s devices, and the capability to install other malicious applications.

The ransom note Black Rose Lucy uses
The ransom note Black Rose Lucy uses

Also, the message states that the details of the targeted user have been uploaded to the FBI Cyber Crime Department’s Data Center and lists a series of bogus charges brought against them.

Brett Callow, the Threat Analyst at Emsisoft, said that he does not believe that mobile platforms are a target for serious ransomware groups.

He added:

“It’s simply not where the money is at. While an attack on corporate endpoints and servers can bring a company to a standstill and enable the criminals to extort a significant ransom, the same cannot be said for an attack on mobile devices.”

Also, Callow stated:

ALSO READ :  'Believers Reward Offering' Is The First Sustainable Alternative To ICOs And STOs

“The fact that these low-level sextortion scammers are seemingly transacting via credit card rather than Bitcoin is unusual but not a particularly significant development. I certainly wouldn’t expect to see any of the real ransomware groups adopting the strategy.”

However, Check Point says that Black Rose Lucy uses an “ingenious” method to circumvent Android security by displaying a message asking the user to activate real-time video optimization. The cybercriminals, as a next step, induce the victim to give malware permission to use the accessibility function in Android.

Researchers stated that the incidents of mobile malware are becoming more common and growing more sophisticated day by day. Sooner or later, the mobile world will experience a major destructive ransomware attack. For a technical understanding of how the new Black Rose Lucy works, you can check the researchers’ notes uploaded to their blog here.

Source: Check Point Research (blog) | Cointelegraph


Crypto News Point a news platform of Digital Notice Media Labs is primarily a regular publication of information, commentary and articles focused extensively on fintech, blockchain technology, cryptocurrency, blockchain-based tokens, cryptocurrency market trends, and trading strategies. We do not provide individually tailored investment advice and does not take a subscriber’s or anyone’s circumstances into consideration when discussing investments, nor is Crypto News Point registered as an investment adviser or broker-dealer in any jurisdiction. Information contained herein is not an offer or solicitation to buy, hold, or sell any digital assets.

Affiliate Disclosure: To help support the work we do here at CNP, we often link to products and deals from around the web. Should you buy some of these, we may get a portion of the sale.

We in generally gather content from the major websites. In every article there is always a clear link and attribution to the source publication. If you have any issue with any of our published content taken from your site, kindly let us know so that we can take appropriate action. In any case, the content of the pages of this website is for your general information and use only. It is subject to change without notice.

You May Also like

Colombian Stock Exchange Joins Consorcio Colibrí

Colombian Stock Exchange Joins Consorcio Colibrí

The Colombian Stock Exchange (CSE) has announced that it is joining the Consorcio Colibrí, a private initiative that promotes the adoption of blockchain technology within the finance industry. It has been reported that...

Ishita Bora

Ishita Bora is a Senior Content Creator at Digital Notice Media Labs with an experience of 1 year. She has completed her Master's Degree in Language and Linguistics in 2019 from Gauhati University, India. Her interest lies in blockchain technology and cryptocurrency space, as she loves writing about blockchain and other blockchain-related articles. Currently, she is working on blockchain-based news, reviews, featured articles, and guides.