Android users were alerted by Microsoft, as they found a new ransomware MalLocker.B, the ransomware triggers on an infected phone as soon as the victim presses the Home key.
MalLocker has been known for being hosted on malicious websites and circulated on online forums using various social engineering lures by masquerading as popular apps, cracked games, or video players.
The AndroidOS/MalLocker.B ransomware targets the call notification function. The latest variant of a ransomware family that’s been in the wild for a while but has been evolving non-stop. As revealed by Microsoft in a recent post, the ransomware locks users’ devices rendering it useless for the user until the payment is done.
The AndroidOS/MalLocker.B ransomware also exploits the function that would generally allow users to hold the home button or recent button to switch to another app.
Once the ransomware enters into the victim’s device, in the background it continues exploiting various Android functions. For instance, it first abuses the “call” notification, which displays caller details on the screen, to display the ransom note.
Then, it abused the “onUserLeaveHint()” callback method that normally lets the user switch apps by dragging them into the background.
As with most Android ransomware, this new threat doesn’t actually block access to files by encrypting them. Instead, it blocks access to devices by displaying a screen that appears over every other window, such that the user can’t do anything else. The screen with a ransom note, which contains threats and instructions to pay the ransom.
“This new mobile ransomware variant is an important discovery because the malware exhibits behaviors that have not been seen before and could open doors for other malware to follow,” Microsoft 365 Defender Research Team said.
Android Users To Be Noted:-
Android users are instructed to avoid downloading apps from unknown sources. If an app is needed, make sure to download from the Play Store or a verified source, even installing applications from Play Store is not entirely malware-free but the probability of getting infected is lower when compared to installing from other unknown sources.
Since the malware is already active in the wild, all Android users must remain very careful while installing any apps.