The Android mobile platform remains the target of attacks that put users’ personal data at risk. Now a new type of ransomware called DoubleLocker affects systems in which a fake update of the Adobe Flash Player has been downloaded and it produces a file encryption and the change of the passwords to later ask for a monetary rescue to their owners.
According to alerted specialists in cybersecurity of the company ESET, this “vermin computing” is a double threat for much of the smartphones that currently use Android as an operating system.
In addition to blocking the password screen and files, due to its origin in a bank malware, DoubleLocker could also be used to steal funds or bank passwords that were on the phone, experts warn.
The infection starts when the user visits an insecure site in which they are asked to install the “Adobe Flash Player” to continue browsing, actually being the installation program of this ramsomware.
Once activated, this software simulates a screen like the one in Google Play asking for permission to “change the password” to enter the smartphone and, if it is granted by the user, enables the encryption of the device.
From there it is impossible to access the phone and, as the home screen, a message announces the attack and asks for a “rescue” of 0.0130 bitcoin. This is equivalent to u $ s74 in the current quotation.
Unlike previous attacks, this ransomware does not need the device to be “rooted”, that is, the user has initiated a process that allows an advanced access to the configuration of the same.
For the average user affected, the solutions go through making the payment or resetting the factory parameters of the device that erases any file that is inside it.
The advanced user can choose to try to recover their phone and their files only the device was previously rooted and in debug mode.