Specialists of "Kaspersky Lab" found wide distribution network of a number of malicious programs, called Koler, which were aimed at both the Android-powered devices, and on users' computers with the operating system Windows.
The main feature is the lock screen malware infected Android-device file encryption without further or lock. Victims of the virus is usually passed on the links promised free porn, but in most cases were at risk of infection-blocker program. To restore access to the device required to pay 100 to 300 dollars.
Specialists of "Kaspersky Lab" conducted an analysis of the malware, it will install infrastructure. Among other things, it became known that the virus is spreading branched scheme. According to the company, the infrastructure of the malicious program "consists of a whole network of malicious porn sites, coupled with the system of traffic redirection, which redirects the victim to sites with malicious content, aimed not only on Android-powered devices, but also on computers with Windows-OS.
According to the "Kaspersky Lab" as a distribution network supports TDS, the main controller is a video-sartex.us. Users are lured to the network using 48 porn sites. From these requests were sent to the center of the system of redistribution of traffic, and then fell victim to one of the plurality of servers, distributing program-blockers.
According to the LC, the virus displays a message from the infected devaysa police. And the messages are localized for countries such as Austria, Belgium, Great Britain, Hungary, Spain, Canada, Australia and others.
According to the experts of the company, "as of July 23, the mobile component of the campaign is not valid, and the command server started sending users to query« Uninstall »(deletion)." Judging by the detected APK-file, virus writers can significantly extend the malicious campaign.