Unless you’ve been on blocking out tech news from any feeds you follow, you’ve likely heard the term Ransomware thrown around a lot in the past year. It’s making many headlines, and is one of the most popular, simple, and lucrative methods being used by predators online today.
Ransomware by nature isn’t terribly new—but the game is beginning to change as more and more Android users are being hit by this threat which previously was only targeting desktop users. If you’re interested, you should read on with our article PSA: What is Ransomware?
The most recent discovery which caught our attention is software called “Android/Lockerpin A,” which, like conventional types of ransomware, preys on less savvy users by tricking them into giving up administrative permissions to their phone.
This process still triggers a notice requesting your permission to sign over your admin access, but the app presents a fake window about patch installation overtop of the permission notice. This way, when you click to approve “the patch,” you’re in fact granting the app rights to manipulate your phone’s settings—including the ability to set a pin without your permission.
Once the app has set (or reset) the pin to unlock your screen, the only way to regain full control over the device is through a factory reset.
Shortly thereafter, the user will receive a characteristic “ransom” message—a bogus claim from the “FBI” reporting that your device will remain locked until you pay out $500—at which point the lock screen pin is reset (randomly, so even the attacker doesn’t know).
What’s new about this threat?
Previously, the type of ransomware targeting Android users was easily rectified—often they could be undone by installing Android Debug Bridge (ADB) or deactivating those administrative privileges and uninstalling the predatory app while the device is rebooted in safe mode.
Obviously, when the first objective of the threat is to revoke your ability to get beyond the lock screen, your reactive options are severely limited. The only way to regain control of the device is through root access to device or some other form of security management solution installed, apart from a factory reset that would also delete all their data.
What you should do about it
Thankfully, the predatory app doesn’t appear on the Google Play Store, so the only way to encounter Android/Lockerpin A is via third party downloads or torrent sites. As always, be extremely mindful when clicking links and downloading files! For the time being, the only practical way to fight this threat is through preventative action. If you’re interested in protecting yourself or don’t know what steps to take next, get our quick prevention guide below![emaillocker id=”5481″]Download Guide[/emaillocker]