Thursday, January 28, 2016

Extortionate software for Android uses clickjacking to obtain administrator rights – securitylab

At risk are 67% of all Android-devices.

The experts found Symantec’s sample extortionate software for Android, is used to obtain administrator privileges entirely new technique. In addition to encrypt files on an infected smartphone in case of elevated privileges Android.Lockdroid.E able to block the device, change the PIN-code and even delete all user data by returning to the factory settings.

As a rule, unsuspecting victims by downloading a smartphone extortionate software intruders disguised as legitimate application. After installation, the malware blocks the device and displays a fake alert as if the user was browsing prohibited materials. Ransomware encrypts all files and collects data on the contact list. According to the notification, the victim can recover their files and unlock the device by paying a ransom.

A more aggressive technique involves the use of social engineering to force the user to provide a malicious program administrator rights. Until recently, the attackers used a dialog box with a false description.


New Android.Lockdroid.E uses more advanced technology. After you install and run a malicious application, a dialog box activate the system, hidden behind a fake window “Installing Packages”. Clicking on the “Continue” button to install allegedly affiliated with Google important package – the first step in providing the malware administrator rights. After the appearance of the dialog box “Installation complete» Android.Lockdroid.E obtain elevated privileges.


The problem affects the Android version 5.0 Lollipop, that is, at risk are 67% of all Android-devices.



No comments:

Post a Comment