LockerPIN: ESET researchers have discovered the first "in the wild" ransomware for Android that sets the PIN.
"Based on ESET LiveGrid statistics, the majority of infected Android devices are located in the US with a total of more than 75%," ESKA's Detection Engineer Lukáš Štefanko said.
"This is indicative of a trend in which its creators maliciousυ software για Android μετατοπίζουν τις επιθέσεις από κυρίως Ρώσους και Ουκρανούς χρήστες σε Αμερικανούς, για να αποκομίζουν πολύ υψηλότερα κέρδη.»
LockerPIN spreads through non-certified app stores owned by third parties, warez and torrent forums. Once installed, the Trojan attempts to acquire device administrator permissions by displaying an update patch installation window above the system message.
At this stage, even if the trojan is removed, for unrooted devices that are not protected by a security solution, there is no simple way to change the PIN except resetting the factory settings. But this leads to a loss of all data. As if this did not happen, even if the user decides to pay the ransom, the attackers can not unlock the device, since the PIN is set at random.
To protect against this malware, ESET recommends as essential the use of a web browsing security solution, such as ESET Mobile Security, designed specifically for Android smartphones and tablets, τη δημιουργία αντιγράφων ασφαλείας τακτικά, και το download εφαρμογών μόνο από πιστοποιημένα app store, όπως το Google Play ή το Amazon App Store.
"You can save some money when downloading applications from unverified sources, but keep in mind that this can lead to loss of data or personal data, which usually have a much greater emotional or economic value," adds Štefanko.
Read more about #LockerPIN on WeLiveSecurity.com and follow the developments in the social media case using the #LockerPIN hashtag.