DoubleLocker - new ransomware has the ability to encrypt data and change Android device PIN
Security researchers at ESET have discovered a new type of Android ransomware called DoubleLocker, which not only encrypts user data but also changes the device's PIN.
Security researchers at ESET have discovered a new type of Android ransomware called DoubleLocker, which not only encrypts user data but also changes the device's PIN.
First discovered in May this year, this DoubleLocker ransomware has spread similarly to fake Adobe Flash updates through compromised sites.
DoubleLocker combines a smart infection mechanism with two powerful tools to blackmail its victims. Researchers believe that this ransomware could be upgraded in the future to steal bank certificates, not simply extort money from victims.
Lukáš Štefanko, an ESET malware researcher, said: "DoubleLocker has the ability to change the device's pin code, preventing the victim from accessing the phone and encrypting the victim's data. "Such a combination has never happened in the Android ecosystem. DoubleLocker also abuses Android access services - a popular trick in the cybercrime world."
- New ransomware appeared not to send Bitcoin, money, but . nude photos !!!
- Can data encryption protect you from Ransomware?
The way ransomware DoubleLocker works
Once installed and launched, the application will ask users to activate the malware access service called "Google Play Service". After the malware receives access rights, it will use them to activate device administrator rights and set itself as the default Home application without the user's consent. That is, whenever the user clicks the Home button, the ransomware will be activated and the device will be locked again. By using the access service, users do not know that they have started the malware by pressing the Home button.
DoubleLocker creates two reasons for the victim to pay a ransom. First, it changes the device's PIN, preventing the victim from using it. Second, it encrypts all data from the main storage directory on Android using AES encryption algorithm.
The ransom amount is set at a relatively modest level of 0.0130 BTC (equivalent to 54 USD).
The best way to protect yourself is to always download applications from trusted sources like Google Play Store and verified developers. Besides, installing an antivirus application is also a safe way to protect your device from malware.
You should read it
- 7 kinds of ransomware you didn't expect
- No anti-virus software can detect this extremely dangerous new Ransomware on Android
- 5 types of malware on Android
- List of the 3 most dangerous and scary Ransomware viruses
- Ransomware can encrypt cloud data
- General guidelines for decoding ransomware
- What is Ransomware Task Force (RTF)?
- How to decrypt encrypted files, recover data encrypted by Ransomware
- Warning ransomware fake game Cyberpunk 2077 for Android
- [Infographic] 7 effective ways to protect businesses from Ransomware
- How to decode ransomware InsaneCrypt (Everbe 1.0)
- Why is Ransomware the perfect hack?
Maybe you are interested
7 Key Features To Look For In An Internet Fax Service Provider How to get free Gems in Empires & Puzzles Jack Ma returned Russia with 1 million masks and 200,000 corona virus test kits Few philanthropies, but every time Jeff Bezos played, he played big: Spending $ 10 billion on the fight to save Earth YouTube's source code leaked, revealing the entire platform measure used to control YouTubers Falling money from the sky is real: A $ 700 billion gold meteorite is flying 750 million kilometers from Earth.