Ransomware Microsoft warns
Microsoft has warned of new ransomware for mobile devices that compromise the mechanisms behind the “incoming call” notification and the “Home” button to lock screens on users’ devices.
The new software is called (MalLocker.B), and it contains very simple code and is placed inside Android applications offered for download via online forums and third-party websites.
MalLocker.B prevents the user from accessing the rest of the phone instead of encrypting the victim’s files, making it work in a similar way to most Android ransomware programs.
The software takes over the screen of the phone once installed and prevents the user from rejecting the ransom note designed to look like a message from local law enforcement informing the user that he has committed a crime and needs to pay a fine.
Ransomware – which pretends the user has committed a crime and needs to pay a fine – has been the most popular form of Android ransomware for over half a decade now.
The ransomware misused the various functions of the Android operating system in order to prevent the user from accessing the contents of the phone.
ransomware Microsoft warns
Previous methods included misusing the system alert window or disabling functions that interact with the phone’s physical buttons.
MalLocker.B comes with a new type of these technologies, where the software uses a two-part mechanism to display the ransom note.
The first part misuses the “incoming call” notification,
a function that is activated for incoming calls to show details about the caller and uses it (MalLocker.B) to show a window covering the entire screen area with details about the incoming call.
- The second part misuses a function that is activated when users want to send an application to the background and move to a new application, and this function is triggered by pressing buttons, such as the home page.
- (MalLocker.B) abuses this function to bring the ransom note back to the fore, preventing the user from leaving the ransom note or running another application.
Users are advised to avoid installing Android applications that they have downloaded from third-party websites, such as forums, website ads, or unauthorized third-party app stores.