A report from cybersecurity business firm Check Point unveiled a new ransomware attack, where cybercriminals pose as the FBI to demand victims pay their "fine" by credit bill of fare.

According to the April 28 report, the malware — known as "Black Rose Lucy" — is unusual, since there are no ransom payments involving cryptocurrencies like Bitcoins (BTC) and information technology affects users of mobile devices with Android equally an operating arrangement.

Cheque Bespeak had already tracked the beginnings of the malware since September 2022, originating in Russia as a "Malware-as-a-Service" (MaaS) botnet. Nevertheless, it took the class of ransomware to brand various changes to the device and install malicious applications.

Fake FBI warnings

Every bit usual with ransomware attacks, Lucy encrypts files on the infected device and displays a faux FBI alarm, accusing the victim of possessing pornographic content on their devices.

The message as well states that the details of the targeted user have been uploaded to the FBI Cyber Criminal offence Department's Data Center and lists a series of bogus charges brought confronting them.

The fine is $500, but information technology must be paid via credit bill of fare instead of Bitcoin, as ransomware attacks usually operate.

Not a serious threat

Speaking with Cointelegraph, Brett Unconversant, threat annotator at Emsisoft, said he doesn't believe that mobile platforms are a target for serious ransomware groups:

"It's but non where the money is at. While an attack on corporate endpoints and servers can bring a visitor to a standstill and enable the criminals to extort a significant bribe, the same cannot be said for an attack on mobile devices."

Callow adds the following comment on the fact that ransomware attacks, like Lucy, have credit card payment:

"The fact that these low-level sextortion scammers are seemingly transacting via credit card rather than Bitcoin is unusual but not a particularly pregnant evolution. I certainly wouldn't look to see whatever of the real ransomware groups adopting the strategy."

Android'due south users get hacked with faux notifications

The cybersecurity firm says that Lucy uses an "ingenious" method to circumvent Android security, displaying a message request the user to activate existent-time video optimization.

Equally a next step, the cybercriminals persuade the victim to give malware permission to utilise the accessibility function in Android.

Cointelegraph reported on April 21 about a publication from Emsisoft lab malware that highlighted that there was a significant drop in the number of successful ransomware attacks on the public sector during Q1 2022, despite the COVID-19 crisis.