phone_bluetooth_speakerUNDER ATTACK? S.O.S. LINE 800.929.5416

Top Categories

Spotlight

CHP investigates 16 additional confirmed cases of COVID-19

todayMarch 8, 2021

COVID-19 Georgianna Mayoral

CHP investigates 16 additional confirmed cases of COVID-19

CHP investigates 16 additional confirmed cases of COVID-19  ***********************************************************      The Centre for Health Protection (CHP) of the Department of Health (DH) announced that as of 0.00am, March 7, the CHP was investigating 16 additional confirmed cases of coronavirus disease 2019 (COVID-19), taking the number of cases to 11 091 in [...]


Microsoft warns of new Android ransomware threat

Global news seamus.obuachalla todayOctober 9, 2020

Background
share close

Microsoft has published a warning about a mobile exploit that targets the “incoming call” and “Home” functions of the Android operating system. Here’s what we know about the AndroidOS/MalLocker.B ransomware.

AndroidOS/MalLocker.B malware

A new mobile threat

The exploit is being used by hackers to hijack Android users’ devices and lock their screens as part of ransomware attacks.

The AndroidOS/MalLocker.B ransomware is commonly found in software available for download from non-official forums and 3rd-party websites.

We found a piece of a particularly sophisticated Android ransomware with novel techniques and behaviour; exemplifying the rapid evolution of mobile threats that we have also observed on other platforms.”

Modus operandi

The AndroidOS/MalLocker.B follows the modus operandi of most android ransomware. It locks the users’ screen rather than encrypting the devices files. Computer-based ransomware attacks typically will encrypt user data and then offer the encryption key for a price.

The AndroidOS/MalLocker.B takes over the user’s phone screen. It then replaces it with a ransom note, typically made to look as if it’s from local law enforcement. The ransomware further stops the user from dismissing the message.

Previous Android Ransomware attacks have targeted system alert windows or disabled functions associated with the phone’s buttons.

The mobile ransomware, detected by Microsoft Defender for Endpoint as AndroidOS/MalLocker.B, is the latest variant of a family that’s been in the wild for a while but has been evolving non-stop”. 

How does it work?

The AndroidOS/MalLocker.B ransomware targets the call notification function. This would typically display caller data on the screen. The AndroidOS/MalLocker.B exploit uses this function to display its ransom note over the entire screen.

Sample ransom note used by older variants. Image via Microsoft

In order to stop the user from simply switching apps or returning to the home screen, the AndroidOS/MalLocker.B ransomware also exploits the function that would normally allow users to hold the home button or recent button to switch to another app.

This is the first time an attack using these specific exploits are being reported in the wild though is not the first ransomware attack to target the Home button as an exploit.

What is the risk?

While the AndroidOS/MalLocker.B is a significant security risk, most users shouldn’t be too worried about it. This specific strain of malicious code is a bit too simplistic to make it’s way past the security on the Play Store.

If however you regularly download APKs from 3rd party sites and forums you could be at risk, and you’d be well advised to be very certain of the safety of software from non-official sources.

As the number of cyber attacks continues to rise, mobile users have to become more wary with more and more attacks targeting mobile users, whether they be phishing attacks or ransomware attacks like these.

A detailed breakdown of the ransomware can be found here.

Also read – Chrome can now detect hacked passwords on Android and iPhones

Help support journalists, the guardians of independent journalism, through our student media initiative that gives a voice to students and their generation! Find out more…

DMCA.com Protection Status

Written by: seamus.obuachalla

Rate it
Previous post

LOGO



Products


Company


Contacts

Support