• IP addresses are NOT logged in this forum so there's no point asking. Please note that this forum is full of homophobes, racists, lunatics, schizophrenics & absolute nut jobs with a smattering of geniuses, Chinese chauvinists, Moderate Muslims and last but not least a couple of "know-it-alls" constantly sprouting their dubious wisdom. If you believe that content generated by unsavory characters might cause you offense PLEASE LEAVE NOW! Sammyboy Admin and Staff are not responsible for your hurt feelings should you choose to read any of the content here.

    The OTHER forum is HERE so please stop asking.

New malware can change PIN codes, locking Android users out of their own phones

AnonOps

AnonOps

Alfrescian
Loyal
Joined
Dec 19, 2014
Messages
184
Points
0

New malware can change PIN codes, locking Android users out of their own phones

By AJ Dellinger
Sep 11, 2015, 2:07am CT | Last updated Sep 11, 2015, 4:11pm CT

Your PIN code might keep your phone's contents from other people, but even it isn't safe from a new piece of ransomware capable of hijacking the safety measure on Android devices.

A group of researchers have discovered what is believed to be the first example of malware that can reset the PIN code on a device and lock the owner out of their own phone.

The ransomware, identified as "Android/Lockerpin.A," leaves a user locked out of their device with no recourse to regain access. If the user doesn't have a preemptive defense against the attack, such as root privileges or a security management solution installed on the device, the only option is complete factory reset that would delete all data on the phone.

Once the malicious locker is installed on the phone, it changes the PIN for unlocking the device. Shortly after, users will be presented with a fake warning message from the FBI. The alert tells the victim they must pay a $500 penalty for viewing and downloading pornographic material.

Previous lock screen attacks simply took over the lock screen itself but could be overridden by rebooting in Safe Mode and uninstalling the offending application or using Android Debug Bridge, a command line utility within the Android operating system.

The new bit of ransomware takes an extra precaution to prevent such a simple defeat by preserving its own administrator privileges on the infected device, making it next to impossible to simply uninstall it. The trojan will reactivate itself if disabled or present a phony overlay that states deactivating it is forbidden.

Android/Lockerpin.A has primarily been spotted in the United States, with over 75 percent of all confirmed cases occurring within the country. The malware is not obtained through the Google Play Store but rather from third party markets.

If you're worried about being left vulnerable to the latest mutation of lock screen ransomeware, Android app ESET Mobile Security can detect and help prevent against the threat.

H/T WeLiveSecurity | Illustration by Max Fleishman


 
You must log in or register to reply here.

Similar threads

riceberry
No devices for kids at meals, turn off the TV: Singapore rolls out stricter screen use guidelines
Replies
0
Views
198
riceberry
riceberry
SBFNews
Victims lose about S$220,000, including CPF savings, in Android malware scams
Replies
5
Views
1K
laksaboy
laksaboy
SBFNews
Woman who scanned QR code with malware lost $20k to bubble tea survey scam while she was sleeping
Replies
10
Views
2K
Narong Wongwan
Narong Wongwan
SBFNews
New Singpass face verification feature for CPF log-in to protect vulnerable Singaporeans against malware scams
Replies
3
Views
986
k1976
k1976
SBFNews
Over 400 million infected with Android spyware — delete these apps right now
Replies
12
Views
2K
blackmondy
blackmondy
Back
Top