Date:13/02/17
This usage of dropper along with malware is a relatively new technique, although it is a very popular for desktop computers. Furthermore, the researchers say, the actors who are using it have also implemented a 2D barcode technique that is meant to help them receive payment from victims, only problem is they did it ineffectively.
Lockdroid ransomware that was spotted about a year ago was designed to encrypt the user files and then perform other nefarious activities as well. It the requests device admin rights and, if the user allows them, it can also lock the device, prevent the user from uninstalling by modifying the user interface (UI), and can even force factory resets, and thus erasing all the user data from the infected device.
The malware designed now to drop the Android.Lockdroid.E ransomware is being distributed via third-party apps, but also through forum posts and text messages. This malware first attempted to drop a version of itself only onto rooted devices, or locks those devices that haven’t been rooted, Symantec discovered.
Once installed on a device, the malicious app checks to see whether the device has been rooted and requests root access permissions if it has. The malware claims that this would allow it to access thousands of adult movies for free, in an effort to convince potential victims of the necessity of these permissions.
Once the user agrees, the malware drops a copy of itself onto the device, by remounting the /system partition, copying the embedded APK file for Android.Lockdroid.E to /system/app/[THREAT NAME].apk, changing the dropped APK file’s permission to executable, and rebooting the device so the threat can run on boot completed as a system application.
Android Ransomware Becomes More Powerful by Using Dropper
The Symantec security researchers warn that the use of droppers to infect devices with ransomware has now spread to Android.This usage of dropper along with malware is a relatively new technique, although it is a very popular for desktop computers. Furthermore, the researchers say, the actors who are using it have also implemented a 2D barcode technique that is meant to help them receive payment from victims, only problem is they did it ineffectively.
Lockdroid ransomware that was spotted about a year ago was designed to encrypt the user files and then perform other nefarious activities as well. It the requests device admin rights and, if the user allows them, it can also lock the device, prevent the user from uninstalling by modifying the user interface (UI), and can even force factory resets, and thus erasing all the user data from the infected device.
The malware designed now to drop the Android.Lockdroid.E ransomware is being distributed via third-party apps, but also through forum posts and text messages. This malware first attempted to drop a version of itself only onto rooted devices, or locks those devices that haven’t been rooted, Symantec discovered.
Once installed on a device, the malicious app checks to see whether the device has been rooted and requests root access permissions if it has. The malware claims that this would allow it to access thousands of adult movies for free, in an effort to convince potential victims of the necessity of these permissions.
Once the user agrees, the malware drops a copy of itself onto the device, by remounting the /system partition, copying the embedded APK file for Android.Lockdroid.E to /system/app/[THREAT NAME].apk, changing the dropped APK file’s permission to executable, and rebooting the device so the threat can run on boot completed as a system application.
Views: 518
©ictnews.az. All rights reserved.Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World