DoubleLocker, as the name suggests, locks a device twice.
Security researchers from Slovakia-based security software maker ESET have discovered a new Android ransomware that not only encrypts users' data but also locks them out of their devices by changing the lock screen PIN.
On top of that:
DoubleLocker is the first-ever ransomware to misuse Android accessibility, a feature that provides users alternative ways to interact with their smartphone devices and that is mainly misused by Android banking Trojans to steal banking credentials.
"Given its banking malware roots, DoubleLocker may well be turned into what could be called ransom-bankers," said Lukáš Štefanko, the malware researcher at ESET.
"Two-stage malware that first tries to wipe your bank or PayPal account and afterwards locks your device and data to request a ransom."
Researchers believe DoubleLocker ransomware could be upgraded in the future to steal banking credentials as well, in addition to extorting money as ransom.
First spotted in May this year, DoubleLocker Android ransomware is spreading as a fake Adobe Flash update via compromised websites.
Here's How the DoubleLocker Ransomware Works:
Once installed, the malware asks the user to activate the 'Google Play Services' accessibility feature, as shown in the demonstration video.
After obtaining this accessibility permission, the malware abuses it to gain the device's administrator rights and sets itself as the default home application (the launcher), all without the user's knowledge.
"Setting itself as a default home app – a launcher – is a trick that improves the malware's persistence," explains Štefanko.
"Whenever the user clicks on the home button, the ransomware gets activated, and the device gets locked again. Thanks to using the accessibility service, the user does not know that they launch malware by hitting Home."
Once executed, DoubleLocker first changes the device PIN to a random value that is neither known to the attacker nor stored anywhere, and meanwhile the malware encrypts all the files using the AES encryption algorithm.
DoubleLocker ransomware demands 0.0130 BTC (approximately USD 74.38 at time of writing) and threatens victims to pay the ransom within 24 hours.
If the ransom is paid, the attacker provides the decryption key to unlock the files and remotely resets the PIN to unlock the victim's device.
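The three privileges described above (accessibility service, device administrator, default launcher) can be checked from a workstation over ADB. The following sketch is an added example, not code from ESET or the original article: it parses the output of three adb queries and flags any untrusted package holding two or more of those roles. The package names and sample outputs are constructed, and the `dumpsys` layout is an assumption that varies between Android versions.

```python
import re

# Constructed sample output of three adb queries (values are made up; the
# dumpsys layout differs between Android versions, so treat it as an assumption):
#   adb shell settings get secure enabled_accessibility_services
#   adb shell dumpsys device_policy
#   adb shell cmd package resolve-activity --brief -c android.intent.category.HOME -a android.intent.action.MAIN
SAMPLE_A11Y = ("com.google.android.marvin.talkback/.TalkBackService:"
               "com.example.flashupdate/com.example.flashupdate.PlayService")
SAMPLE_ADMINS = """Enabled Device Admins (User 0, provisioningState: 0):
  com.google.android.gms/.mdm.receivers.MdmDeviceAdminReceiver:
    uid=10012
  com.example.flashupdate/.AdminReceiver:
    uid=10153
"""
SAMPLE_HOME = ("priority=0 preferredOrder=0 match=0x108000 specificIndex=-1 isDefault=true\n"
               "com.example.flashupdate/.LockActivity\n")

COMPONENT = re.compile(r"^\s*([A-Za-z0-9_.]+)/[A-Za-z0-9_.$]+:?\s*$")

def a11y_packages(value):
    """Packages in the colon-separated enabled_accessibility_services setting."""
    if value.strip() in ("", "null"):
        return set()
    return {c.split("/", 1)[0] for c in value.strip().split(":") if "/" in c}

def admin_packages(dumpsys):
    """Packages whose component appears on its own line in the admin list."""
    return {m.group(1) for line in dumpsys.splitlines() if (m := COMPONENT.match(line))}

def home_package(resolved):
    """Package of the activity that currently handles the HOME intent."""
    lines = [l.strip() for l in resolved.splitlines() if "/" in l and "=" not in l]
    return lines[-1].split("/", 1)[0] if lines else None

def audit(a11y, admins, home, trusted=frozenset()):
    """Return untrusted packages that hold at least two of the three roles."""
    roles = {}
    for name, pkgs in (("accessibility", a11y_packages(a11y)),
                       ("device_admin", admin_packages(admins)),
                       ("home", {home_package(home)} - {None})):
        for pkg in pkgs - set(trusted):
            roles.setdefault(pkg, []).append(name)
    return {pkg: held for pkg, held in roles.items() if len(held) >= 2}

if __name__ == "__main__":
    trusted = {"com.google.android.marvin.talkback", "com.google.android.gms"}
    for pkg, held in audit(SAMPLE_A11Y, SAMPLE_ADMINS, SAMPLE_HOME, trusted).items():
        print(f"REVIEW {pkg}: holds {', '.join(held)}")
```

A legitimate launcher or screen reader normally holds only one of these roles, which is why the combination is the signal rather than any single entry.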
How to Protect Yourself From DoubleLocker Ransomware
According to the researchers, so far there is no way to unlock encrypted files, though, for non-rooted devices, users can factory-reset their phone to unlock the phone and get rid of the DoubleLocker ransomware.
However, for rooted Android devices with debugging mode enabled, victims can use the Android Debug Bridge (ADB) tool to reset the PIN without formatting their phones.
The best way to protect yourself from falling victim to such ransomware attacks is to always download apps from trusted sources, like Google Play Store, and stick to verified developers.
Also, never click on links provided in SMS or emails. Even if the email looks legit, go directly to the website of origin and verify any possible updates.
Moreover, most importantly, keep a good antivirus app on your smartphone that can detect and block such malware before it can infect your device, and always keep it and other apps up-to-date.