Cyber security experts have discovered a new variant of Android Ransomware named as Lockdroid ransomware which imitates the lock-screen interface in order to deceive Android users. This ransomware spreads as a Trojan horse which is identified as a Android.Lockdroid.E virus. The malware hides into the porn app reported as a “Porn ‘O’ Mania” that can be downloaded from various third party sources. It displays a sophisticated lock screen interface with genuine looking legal notice in order to demand ransom money for unlocking the affected Android devices.
Lockdroid ransomware can infect Android devices by disguising itself as a legit looking video application on an unofficial app stores. This ransomware can also spread with the help of browser hijacker virus which redirect users search results to the web portal hosting malware. Most important, the Lockdroid ransomware doesn’t spread through Google Play Store. The threat makes use of the Google’s Material Design and also an open-source project in order to create lock-screen user interface.
On infecting a targeted device, the ransomware records contacts, messages, call records and browsing histories from an infected Android phone. Then after, it blocks the users from accessing their device by displaying a fake legal notice. This ransomware allows the users to access “proofs” of the illegal conducts via an app drawer onto the left side of screen. By using the gathered data from victims device, it display a ransom notice which appears personally tailored to the victimized users. The Lockdroid ransomware also uses the flaw to display personal data which it records via an easy-to-access looking menu. These elements help the malware intimidate the victims into making payment.
According to the security researchers, Lockdroid ransomware is the first malware which makes use of the Material Design Lock-screen user interface. The con artists often used an open-source project identified as a “MaterialDrawer” in order to create part of the Interface. Luckily, this ransomware threat is not present at the Google Play Store and the Android users have been strongly advised pay close attention while downloading and installing any applications from unfamiliar or untrusted sources. A recently published study report by the University of Cambridge has determined that more than 87% of Android users are exposed to at least one malicious threat.
Above all, the Google authorities claim that the none of the victims have installed the infected app from Google Play Store. According to Google, the users who have installed Google Play on their devices are protected by the Verify Applications even if they decided to download and install apps from other sources. As stated by the researchers from a security firm, 67% of the Android users were at high risk. The Lockdroid ransomware uses clickjacking tactic in order to attack the devices which run Android version 5.0 or a newer version of OS. However, after the attack of this ransomware, victimized users must perform the removal of this malware immediately in order to get back access to their smartphone and recover their data.