HackDig : Dig high-quality web security articles for hacker

Android Ransomware Demands Victims Speak Code to Unlock Phone

2017-02-23 10:55

An older Android ransomware is getting some new capabilities as attackers seem to be playing around with the code a bit. Android.Lockdroid.E, which has been around for about a year, is now asking victims to speak the code provided by the attackers to unlock the devices. 

Folks over at Symantec warn Android users that a newly discovered Android ransomware variant comes packed with speech recognition capabilities and is now demanding victims speak the code they received.

The researchers explain that once a device is infected with Android.Lockdroid.E, the user is locked out using a SYSTEM type window before the ransom note is displayed. Written in Chinese, the note gives instructions on how to unlock the device. The note includes a QQ instant messaging ID to contact in order to receive more instructions on how to go about paying the ransom and getting your unlock code.

The instruction page
The instruction page

A new device must be used to contact the attackers since your own is locked. Then, the note instructs users to press a button to start the speech recognition functionality. The malware then uses a third-party speech recognition API to compare the spoken words with the expected password.

"The malware stores the lockscreen image and the relevant passcode in one of its Assets files in encoded form with additional padding. I was able to extract the passcode using an automated script. Figure 2 shows a couple of examples of the types of passcodes the threat uses. It should be noted that the threat will use a different passcode for each infection," reads Symantec's blog post.

Touch to speek
Touch to speek
Previous method involved barcodes

This isn't the first time that attackers experimented with this particular ransomware. In the past, another variant used an inefficient 2D barcode ransom demand, which had to be scanned with another device in order to log into a messaging app to receive information about how to pay the ransom.

Since this new variant comes with several bugs as well, making it difficult to properly recognize the spoken words, they both seem to be rather inefficient. This is certainly not going to be the last we see of these attackers trying out new solutions to get their extortion method perfect.


Source: .432315-enohp-kcolnu-ot-edoc-kaeps-smitciv-sdnamed-erawmosnar-diordna/swen/moc.aideptfos.swen

Read:2363 | Comments:0 | Tags:Security

“Android Ransomware Demands Victims Speak Code to Unlock Phone”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud