1. Symantec/
  2. Security Response/
  3. Android.Simplocker


Risk Level 1: Very Low

June 5, 2014
August 6, 2015 2:35:12 PM
Infection Length:
Systems Affected:
Android.Simplocker is a Trojan horse for Android devices that may encrypt files on the compromised device. It then asks the user to pay in order to decrypt these files.

Android package file
The Trojan may arrive as a package with the following characteristics:

Package name: org.simplelocker
Version: 1.0
Name: simplelocker

Once installed, the application will display an icon of the Google Android mascot with the text "Sex xonix"

For more information see our blogs:
Simplocker: First Confirmed File-Encrypting Ransomware for Android
The dawn of ransomwear: How ransomware could move to wearable devices

Antivirus Protection Dates

  • Initial Rapid Release version June 5, 2014 revision 005
  • Latest Rapid Release version June 25, 2017 revision 019
  • Initial Daily Certified version June 5, 2014 revision 017
  • Latest Daily Certified version June 26, 2017 revision 002
  • Initial Weekly Certified release date June 11, 2014
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Roberto Sponchioni, Zhicheng Zeng

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube