Android users are being cautioned to remain vigilant as a new cyberattack threat has emerged. This latest danger is particularly alarming, as it locks phones upon infection and demands a ransom from users to prevent permanent file destruction.
Known as DroidLock, this threat was discovered by the security experts at Zimperium and is currently impacting Android users in certain European regions. It is being spread through deceptive websites that endorse fake apps posing as legitimate software. Once installed, DroidLock seizes full control of devices, monitoring screen unlock codes.
Subsequently, hackers can alter the codes and lock users out of their phones. Victims are then presented with a ransom demand via a screen overlay, threatening file deletion unless payment is made. A countdown timer adds pressure by indicating the time left to comply.
According to Zimperium, “DroidLock, a form of ransomware, spreads through phishing websites, seizing control of device screens with ransomware-like overlays and illicitly obtaining app lock credentials, resulting in complete device compromise.” The malware uses misleading system update screens to deceive victims and can remotely access devices via VNC. It also exploits device admin permissions to lock or erase data, capture images using the front camera, and mute devices.
Although DroidLock has not yet reached the UK, Android users are advised to remain cautious. To enhance security, it is crucial for all Android users to exclusively download apps from official sources like Google’s Play Store. Individuals should exercise caution when urged to sideload software from websites, verifying the developer’s authenticity before downloading any applications.
Prioritize caution and scrutiny when installing apps on your Android device.