Experts of Symantec spoke about the new technology that allows rent-seeking BY Android.Lockscreen start after every system reboot.
Android.Lockscreen is a malicious program for Android devices, launched in March 2015. Extortionist locks the screen and for each mobile assigns your PIN . Display a notification of the need to contact the “tech support”. Called the listed number, the user is informed about the need to pay for the services of “technical support”. After payment of ransom, the victim receives a PIN code to unlock the device.
According to Symantec, the new version of Android.Lockscreen hides the code inside launcher.app. Launchers are part of the Android operating system, which is responsible for the management of several user interface elements. In this regard, they are automatically run each time you restart the OS.
With the release of Android 3.1, Google significantly reduced the possibility of startup applications, so the only way for malware to gain the privileges of the startup is to disguise the launcher. Attackers often resort to this method, since very few users know what a launcher, and even fewer use them.