A new Lockscreen ransomware threat on Android devices has been found by security experts.
According to Hackread, the new version of the Android Lockscreen ransomware is far more powerful and resilient than the previous versions that have been around for some time now. These previous versions of the ransomware used to lock the screen using a hardcoded passcode. However, reverse engineering performed by security experts could provide the victim with the passcode that allowed them to unlock their devices.
The new version of the Android Lockscreen ransomware uses a pseudorandom passcode. Pseudorandom passcodes are randomly generated numbers that can be either 6-digit or 8-digit long. The pseudorandom passcodes made it impossible to reverse engineer the passcode. This means that the victims of the attack are unable to unlock their Android devices and their only option left is to pay the ransom.
The new version of the Lockscreen ransomware is also equipped by attackers with a custom lock screen joined with the Android mobile device's default lock screen. Prior to being distributed to unsuspecting users, the hackers are directly creating Trojans on mobile devices.
A custom System Error message is created when a device has been infected by the Trojan malware. On the infected device, this error message is passed atop every visible user interface.
Intimidating messages are displayed by the malware through this window. The user is asked to contact the attackers and pay them in order to get the passcode.
Since the base number is acquired with the "Math Random()" function, the randomly generated number is different for every device. Malware developers have made the threat even stronger by using device admin privileges in order to modify the PIN of the Android mobile device's normal lock screen.
According to the website thewindowsclub.com, the cyber laws consider ransomware as a big crime. In order to deal with the increasing ransomware threat, the Californian government treats it as extortion.
Last Tuesday, Sept. 27, has been signed into the law by Governor Jerry Brown California's SB-1137. This is the first precedent when a government is treating the cybercrime of ransomware as extortion.