LockerPIN: ESET researchers have discovered the first "in the wild" ransomware for Android that sets the PIN.
"Based on ESET LiveGrid statistics, the majority of infected Android devices are located in the US with a total of over 75%," Detection claims Engineer of ESET, Lukáš Štefanko.
«Αυτό είναι ενδεικτικό μιας τάσης κατά την οποία οι δημιουργοί του κακόβουλου λογισμικού για Android μετατοπίζουν τις attacks from mostly Russian and Ukrainian users to Americans, to make much higher profits.”
LockerPIN spreads through non-certified app stores owned by third parties, warez and torrent forums. Once installed, the Trojan attempts to acquire device administrator permissions by displaying an update patch installation window above the system message.
Στην παρούσα φάση, ακόμα και αν το trojan αφαιρεθεί, για τις unrooted συσκευές που δεν προστατεύονται από μια λύση ασφάλειας, δεν υπάρχει απλός τρόπος για να αλλαχθεί το PIN εκτός από την reset των εργοστασιακών ρυθμίσεων. Αυτό όμως οδηγεί σε απώλεια όλων των δεδομένων. Σαν να μην έφτανε αυτό, ακόμη και αν ο χρήστης αποφασίσει να πληρώσει τα λύτρα, οι επιτιθέμενοι δεν μπορούν να ξεκλειδώσουν τη συσκευή, αφού το PIN έχει οριστεί τυχαία.
To protect against this malware, ESET recommends using a security solution for browsing the Internet, such as ESET Mobile Security, specifically designed for Android smartphones and tablets, backing up regularly, and downloading apps only from a certified app store, such as Google Play or the Amazon App Store.
"You can spare some money when downloading applications from uncertified sources, but always keep in mind that this can lead to loss of data or personal information, which usually has a much greater emotional or financial value," adds Štefanko.
Read more about #LockerPIN on WeLiveSecurity.com and follow the developments in the social media case using the #LockerPIN hashtag.