1. Symantec/
  2. Security Response/
  3. Android.Simplocker


Risk Level 1: Very Low

June 5, 2014
August 6, 2015 2:35:12 PM
Infection Length:
Systems Affected:
Android.Simplocker is a Trojan horse for Android devices that may encrypt files on the compromised device. It then asks the user to pay in order to decrypt these files.

Android package file
The Trojan may arrive as a package with the following characteristics:

Package name: org.simplelocker
Version: 1.0
Name: simplelocker

Once installed, the application will display an icon of the Google Android mascot with the text "Sex xonix"

For more information see our blogs:
Simplocker: First Confirmed File-Encrypting Ransomware for Android
The dawn of ransomwear: How ransomware could move to wearable devices

Antivirus Protection Dates

  • Initial Rapid Release version June 5, 2014 revision 005
  • Latest Rapid Release version February 28, 2018 revision 016
  • Initial Daily Certified version June 5, 2014 revision 017
  • Latest Daily Certified version February 28, 2018 revision 019
  • Initial Weekly Certified release date June 11, 2014
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Roberto Sponchioni, Zhicheng Zeng

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube