We have been following the evolution and mass spreading of Android ransomware for a while now. After seeing early ransomware families combining fake antivirus with the ability to lock the devices screen (Android Defender, for example), last year we discovered Simplocker, the first Android ransomware to actually encrypt user files. This time, ESET researchers have discovered the first known Android lock-screen-type ransomware spreading in the wild that sets the phone’s PIN lock.
In previous Android LockScreen Trojans, the screen-locking functionality was usually achieved by constantly bringing the ransom window to the foreground in an infinite loop. While various self-defense mechanisms were implemented to keep the device user locked out, it wasn’t too difficult to get rid of the malware thus unlocking the device by using Android Debug Bridge (ADB) or deactivating Administrator rights and uninstalling the malicious application in Safe Mode.
Aggressive Android ransomware spreading in the USA
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.