[ad_1]
Microsoft has issued a warning about a mobile exploit that targets the “incoming call” and “Home” functions of the Android operating system. Here’s what we know about AndroidOS / MalLocker.B ransomware.
AndroidOS / MalLocker.B malware
A new mobile threat
Hackers are using the exploit to hijack Android users’ devices and lock their screens as part of ransomware attacks.
AndroidOS / MalLocker.B ransomware is commonly found in software available for download from unofficial forums and third-party websites.
We found a particularly sophisticated piece of Android ransomware with novel techniques and behaviors; exemplifying the rapid evolution of mobile threats that we have also seen on other platforms. “
Modus operandi
AndroidOS / MalLocker.B follows the modus operandi of most Android ransomware. Lock users’ screen instead of encrypting device files. Computer-based ransomware attacks generally encrypt user data and then offer the encryption key for a price.
AndroidOS / MalLocker.B takes over the user’s phone screen. He then replaces it with a ransom note, usually made to look like it came from the local police. The ransomware prevents the user from dismissing the message.
Previous Android Ransomware attacks have targeted system alert windows or disabled functions associated with phone buttons.
“Mobile ransomware, detected by Microsoft Defender for Endpoint as AndroidOS / MalLocker.B, is the latest variant of a family that has been in the wild for a while, but has evolved non-stop. ”
How does it work?
AndroidOS / MalLocker.B ransomware targets call notification feature. This would normally display the caller’s details on the screen. The AndroidOS / MalLocker.B exploit uses this feature to display your ransom note on the entire screen.
To prevent the user from simply switching applications or returning to the home screen, the AndroidOS / MalLocker.B ransomware also exploits the feature that would normally allow users to press and hold the home button or recent button to switch to another application.
This is the first time that an attack with these specific exploits has been reported in the wild, although it is not the first ransomware attack to target the Start button as an exploit.
What is the risk?
While AndroidOS / MalLocker.B is a significant security risk, most users shouldn’t worry too much about it. This specific strain of malicious code is too simplistic to get past Play Store security.
However, if you regularly download APKs from third-party sites and forums, you could be at risk, and we recommend that you be very sure of the safety of software from unofficial sources.
As the number of cyberattacks continues to rise, mobile device users have to be more cautious with more and more attacks targeting mobile users, whether they are phishing attacks or ransomware attacks like these.
You can find a detailed breakdown of the ransomware here.
Also read: Chrome can now detect hacked passwords on Android and iPhones
[ad_2]
