Ransomware is one of the most prevalent kinds of malware out there and lots of people have already heard of the notorious police virus: a malicious software that ‘kidnaps’ your computer, trying to get you to pay money to restore access to your data and threatening you with (fake) reports to the authorities. One of the latest advances in this field goes beyond encrypting your information (which has already been done): a newly discovered type of malware dubbed LockerPin can completely lock your Android by changing your PIN, with no possibility of recovery if your device is not rooted unless you restore the factory settings.
The app comes disguised under various names and formats, although according to ESET, you’ll usually find it in the form of a porn app called ‘Porn Droid’. Attackers are always looking for dodgy topics to scare you with fake messages. Last year, for example, a type of malware made the rounds showing child porn images and then immediately accusing the user of committing a crime, which could only be rectified by (obviously) paying money.
In this case, after LockerPin installs itself a tab will appear asking you to update the app, although what it actually is is a popup superimposed over the app that activates administrator permissions so the app can do anything it wants with your device. The dramatic effect comes lies in the fact that this banner is superimposed over a notification warning you that you’re about to unlock your permissions, meaning if you’re not very clever you won’t realize you’re being tricked.
After this step you’ll get the standard old message ‘from the FBI’ warning you that you’re commiting a crime by supposedly storing illegal files on your device and pressing you to pay the ridiculous sum of $500 to remove the lock from your smartphone. It also tells you that if you turn off your phone you’ll be committing even worse crimes, and invites you to pay the fine through a section of the app itself.
Obviously this is all a farce that’s easily avoided if you’re cautious and only download apps from secure sources (Uptodown among them, obviously!) and check the permissions your apps have access to. As we’ve already mentioned several times, there are tools that let you analyze those permissions in detail, as in the case of F-Secure App Permissions. In any case, given that the flesh is weak, we’ve also done a post for you with some tips on consuming ‘adult’ content from your smartphone.
Source | Hispasec blog