The source code of the SLocker Android malware, one of the most popular Android ransomware families, has been leaked online for free, allowing crooks to develop their own variant of the threat.
SLocker was first spotted in 2015, it is the first ransomware to encrypt Android files.
The SLocker source code has been leaked on GitHub by a user who uses the online moniker “fs0c1ety,” the hacker is inviting everyone to contribute to the code and submit bug reports.
“The SLocker family is one of the oldest mobile lock screen and file-encrypting ransomware and used to impersonate law enforcement agencies to convince victims to pay their ransom.” states fs0c1ety.
The SLocker, aka Simple Locker, is a mobile ransomware that locks victims’ mobile devices and requests the payment of a ransom to unlock them.
The malware impersonates law enforcement agencies to convince victims to pay the ransom, it infected thousands of Android devices in 2016.
According to the experts, more than 400 new variants of the SLocker ransomware were observed in the wild in May, while in May researchers at Trend Micro found a variant mimicking the WannaCry GUI .
Once infected the mobile device, SLocker runs silently in the background and encrypts any kind of file on the smartphone, including images, documents, and videos.
The ransomware is also able to hijack the mobile device, making impossible for the owners to access the device.
The availability of the SLocker source code will likely increase the number of samples that will be detected in the wild in the incoming weeks.