Types header

 

Name

SVPENG (RUSSIAN ORIGIN)

Type

Crypto Ransomware

Encryption Type

Cryptor method

Short Description

Discovered in July 2013, This targets android devices. This was basically created for stealing the credit card information from Russian bank customers. This locks the phone, then displays a message that accuses users like accessing child pornography and demands some ransom to be paid. Mode of payment was via Money pak.

Symptoms

Loss of personal information

Svpeng will change the browser settings.

Will slow down the device

Lot of pop-ups

 

Distribution Method

Through installation of video codec that comes with Trojan.

Visiting malicious websites.

Image

SVPENGRUSSIAN ORGIN 

 

More Details

The researchers state that this has the ability to make victim computer vulnerable even to remote attacks. This can also block malicious software removal tools and even changes the wallpaper of victims. There are removal tool for this ransomware.

The Trojan checks user’s phone for certain list of financial applications and targets them. SVPENG checks on the following application present on a victim’s devices.

SVPENGRUSSIAN ORGIN1.1

Then the files are locked and the victim gets a message which claims to be from FBI, explaining that those infected files were used to access illegal content and it will remain blocked until the specific ransom is paid.

This also gives lot of pop-up alerts. Some of the fake pop-ups are as given

SVPENGRUSSIAN ORGIN1.2

 

More details

http://www.pc-virusremove.com/remove-svpeng-virus-how-to-uninstall-remove-svpeng-virus/