DoubleLocker Ransomware Locks Android devices

Haythem Elmir

A ransomware dubbed as DoubleLocker has infected Android devices by changing the security PIN of the device and encrypting all the data stored.

Researchers from cybersecurity firm ESET have discovered the Double Locker ransomware, that is a two-step ransomware which adopts a dual-locking approach.

According to researchers, the ransomware is dispersed through a fake Adobe Flash Player apps. The ransomware’s code is based on banking Trojan known as Android.BankBot.211.origin, which compels users to grant administrative permissions, and activate the device’s admin rights and set itself as the default home application.

The attackers have set the ransom at 0.013 Bitcoin (approx. USD 70), which is demanded to be paid within 24 hours of the attack. “Double Locker affects the android devices primarily in two ways: first, encrypts all the data files with AES encryption mechanism and corrupts the same with the .cyreye file extension, thus becoming a perfect case for a ransom demand. Additionally, the malicious software also affects the accessibility of the devices by changing the pin of the device, which cannot be accessed by the users,” explained Sandeep Sharma, Associate Research Manager – Software and Services at IDC.

Researchers stated that the Double Locker ransomware is much more advanced as compared to other types of Android ransomware. This ransomware has an ability to abuse the device accessibility setting to have access to device administrator in order to control the device.

After getting all the admin rights, the malware sets itself as the default home application on the device, and further, after this, it blocks the users from bypassing the lock.

The best way to remain unaffected y this kind of ransomware is to backup of all data regularly, and even after getting attacked by the ransomware you can get your original device without paying ransomware by resetting your device to factory reset.


To read the original articel:

Laisser un commentaire

Next Post

North Korea is behind the WannaCry Attack on NHS according to British intelligence

The defense minister Ben Wallace said the administration now believes a North Korean hacking crew was engaged but ended short of suggesting the UK could carry out retaliatory attacks. “This attack, we think quite firmly that this came from a foreign state,” Mr. Wallace said. Adding that the state needed […]