Researchers say a piece of ransomware disguised as a battery app made its way into the Play store.
Check Point says one of its customers contracted the malware app, dubbed "Charger," after installing what they thought was a battery monitoring tool called EnergyRescue.
Researchers with Check Point Mobile Threat Prevention say the malware activates when EnergyRescue runs, and requires admin access to the device.
Once that permission is granted, the malware checks for location (it does not attack phones in the Ukraine, Belarus, or Russia), then swipes all user contacts and SMS messages and locks down the device.
From there, the user is told that they must pay to deactivate the ransomware or they will have their full details spaffed out for various nefarious activities, including bank fraud and spam.
"You need to pay for us, otherwise we will sell portion of your personal information on black market every 30 minutes," the ransomware tells users.