Researchers from the ESET security company found a ransomware that attacked the Android operating system. In addition to holding user data, a ransomware called DoubleLocker can change the device PIN.
"Changing the PIN and preventing users from accessing the device and encrypting the victim's data," says researchers from ESET Lukáš Štefanko.
Just like other ransomware, the victim must grant the ransom that the hacker requested to retrieve the data.
The previous DoubleLock method is also used (malware) in the banking section. Even so, ransomware is not able to access banking services from Android-based smartphones or tablets.
DoubleLocker spreads through a fake version of Adobe Flash Player updates that are posted on certain sites. Ransomware is pretty clever. He can "seduce" the victim to activate DoubleLocker unknowingly.
Once active, ransomware will encrypt the data that is on Android smartphones. Smartphone can not be opened because protected new PIN.
After the data was captured, this DoubleLocker ransomware presented a notification containing the reason why they had to pay to re-access its data, as KompasTekno sums up from TechTimes on Thursday (19/10/2017).
First, hackers have manipulated PINs on Android devices that prevent users from accessing the data. Secondly, hackers have encrypted all data on main device storage by using Advanced Encryption Standard (AES) encryption algorithm.
What to do if our device is attacked by this ransomware? Android users who become victims of Ransomware has only 24 hours to pay 0.0130 bitcoin or 73.38 US dollars (about Rp 1 million). DoubleLocker Ransomware has not been reported in Indonesia.
However, there is another way besides having to pay the ransom. Simply by resetting to the initial system, DoubleLocker ransomware infection will be lost. Even so, the data owned will be permanently deleted. Therefore, to prevent data loss, do not forget to back up data on a regular basis.