BOLO Android Users! New Ransomware Threat For Mobile Devices
By: Jim Stickley and Tina Davis
January 19, 2021
At a time when ransomware attacks are surging at an epic rate, Microsoft is warning mobile users about a new spin on a familiar ransomware. Microsoft 365 Defender Research Team recently released an alert saying this new strain of MalLocker ransomware family dubbed MalLocker.B is infiltrating mobile phones, locking them, and displaying a ransom note on the screen. With an incredible 50% surge in ransomware attacks reported over the past three months, Microsoft Defender warns mobile users to be on the lookout for this new and highly improved variant.
Like most Android ransomware, this new strain doesn’t block access to data by encrypting it. Rather, it displays a ransom screen that blocks access to a device because the ransom window covers all other device windows, making it impossible to do anything else. The window displays a ransom note demanding payment, instructions on how to pay it, and displays other threats should it not be paid.
In Microsoft Defender’s own words "This new mobile ransomware variant is an important discovery because the malware exhibits behaviors that have not been seen before and could open doors for other malware to follow.” Microsoft’s team has been observing a “rapid evolution of mobile threats” and MalLocker.B is surely one of them. This latest variant displays an entirely new strategy allowing it to abuse incoming call notifications and lock the device home button to display the ransom note. Also, the ransomware evades detection of any security solutions on a device.
This latest ransomware iteration isn’t great news for Android smartphone users, however there are ways to help prevent it from infiltrating a device. The MalLocker ransomware family has a history of malicious website hosting, circulating in online forums by using social engineering tactics, and hiding its identity as popular apps, video players, and cracked games (games pirated by hackers).
Cybersafe users need to avoid downloading anything from unofficial sites (sideloading), including games and apps. These sites don’t necessarily scan for malware and are a sure source of viruses and all kinds of malware. Also, be highly aware of social engineering tactics used in email phishing. Never respond to emails from unknown senders and never, ever follow links or download attachments they likely contain. Remember, one wrong click on a phishing email can bring a world of hurt to a device and its owner, so stay cybersafe!