The threat of “Android ransomware” is on the rise, and cyber criminals are making millions of dollars, thus victimizing as many people as possible – with WannaCry, NotPetya, and LeakerLocker that put the ransomware at risk recently.
What is bad? Hacker has also begun selling android ransomware kit-as-a-service (RAAS) in an effort to more easily spread this creepy threat, so even a non-technical user can create their own Android ransomware and distribute the threat to a Public.
The problem: You can see a massive increase in the number of ransomware campaigns in the coming months, thanks to the Android apps available for anyone to download that allows them to easily create Android ransomware with their devices.
Security researchers at Symantec’s antivirus firm have uncovered some Android applications available on hacker forums and through advertisements on the popular social networking messaging service in China, allowing aspiring hackers to download and use the Trojan development kit (TDK).
How to create your own Android Ransomware
With the easy-to-use interface, these applications are no different than any other Android application, except it allows users to create their own custom mobile malware with little programming knowledge.
To create custom android ransomware, users can download an application of this type (for an obvious reason we do not share the link), install it and open it, offering the opportunity to choose from the following options that appear on the screen in the Application screen:
- The message displayed on the lock screen of the infected device
- The key that will be used to unlock that infected device
- The icon to be used by your malware
- Custom math operations to randomize code
- Type of animation to be displayed on the infected device
- Once all the information has been collected, users only require that you press the “Create” button.
If the user has not previously, the application will ask you to subscribe to the service before proceeding. The application allows the user to chat online with their developer who can arrange a one-time payment.
Once the payment is made, “malware is created and stored in an external memory in a ready to be sent” state, and then the user can continue the process, making as many victims as he can.
“Anyone unlucky enough to be tricked into installing the malware will end up with a locked device out a rescue,” said Symantec researchers.
“The malware created with this automation process follows Lock droid’s typical behavior of locking the device screen with a SYSTEM_ALERT_WINDOW and displaying a text field for the victim to enter the unlock code.”
Lock droid’s Ransomware has the ability to lock the infected device, to change the device PIN and delete all your user data through a factory restore and even prevent the user from uninstalling the malicious software.
These applications allow anyone interested in hacking and criminal activities to develop a piece ready to use ransomware malicious programs simply by using their smartphone without writing a single line of code.
“However, these applications are not only useful for cyber criminals to be criminal and inexperienced, since even hardened malware authors might find these easy to use an effective kit to put the work on themselves,” say researchers.
So, be prepared to predict an increase in mobile androidransomware variants in the coming months.
How to protect your Android devices from Android ransomware attacks
Also Read: Images Spreading Malware Through Stegosploit Tool
To protect against such threats on mobile devices, we recommend:
- Always keep regular backups of your important data.
- Be sure to run a set of active anti-virus protection tools on the machine’s tools.
- Avoid downloading applications from unknown third-party app sites and stores.
- Always pay close attention to the permissions required by an application, even if it has been downloaded from an official app store.
- Do not open email attachments from unknown sources.
- Finally, surf the Internet safely.