
Lucy Malware

By GoldSparrow in Malware

The Android operating system has become a valuable target for cybercriminals worldwide, and mobile anti-virus products are an excellent investment that can keep your devices protected against threats like the Lucy Malware. This malware family is not limited to a single group of cybercriminals. Instead, its authors have opted to rent it to other crooks through advertisements and threads on underground hacking forums. Users who opt to purchase a copy of the Lucy Malware may then use it to infect victims worldwide.

So far, the Lucy Malware attacks appear to be concentrated in countries that used to be part of the USSR. The copies of the Lucy Malware discovered in the wild contained code that checks the compromised device's country code. If it matched one of the intended targets, the malware would proceed to launch the attack. In all other cases, the Lucy Malware would delete itself.

The Lucy Malware Works as a Backdoor but Prioritizes Encrypting Files

Although the Lucy Malware is able to function as an Android backdoor Trojan, the primary purpose of the threat is to encrypt the files of its victims. Often, file-lockers only go after specific file formats, but the Lucy Malware will encrypt all accessible files on the infected device. It is important to mention that it will also try to encrypt files on the SD card.

Often, ransomware authors ask for a cryptocurrency payment in exchange for their decryption services, but the crooks behind the Lucy Malware have opted to go for a different strategy. Their ransom note warns victims that their device's contents were locked by the FBI because they were caught browsing illicit adult sites. Furthermore, victims are told that their photos have been taken and added to the criminal database – all of these statements are fake. Finally, the ransom note tells the victims that they have to pay a penalty of $500 to restore their data – surprisingly, the perpetrators want the victim to enter their credit card data to complete the payment. Of course, you should not accept this offer.

Unfortunately, recovering the files locked by the Lucy Malware appears to be impossible for now, and you certainly cannot rely on the attackers to help you with this task. The best thing to do is to run an Android-compatible anti-malware application that will eradicate the malware and prevent it from causing more trouble. The only way to get some of your data back would be to restore from a backup.

