Android Lockscreen ransomware has been around for quite some time now but the new version of these is far more powerful and resilient. Previously the ransomware used to lock the screen using a hardcoded passcode but experts were able to perform reverse engineering to provide the victim with the passcode so that they could unlock their devices. However, in the new version the attackers have made it impossible to reverse engineer the passcode since the ransomware uses pseudorandom passcodes. Due to this, the victims aren’t able to unlock their devices and are forced to pay the ransom.
Attackers have also equipped this new version with a custom lockscreen that is joined with the device’s lockscreen. This creates another problem for the victim. It must be noted that such Trojans are now being directly created on mobile devices prior to being distributed to unsuspecting users.
When a device has been infected by this malware, it creates a custom System Error message window, which is pasted atop every visible user interface on the infected device. The malware also displays intimidating messages through this window asking the user to talk to the attackers to get the passcode.
Submitted by: Arnfried Walbrecht