gossip lanka

SLCERT warns of ransomware targeting Android phones

The Sri Lanka Computer Emergency Readiness Team (SLCERT) says that there are possibilities of android phones being affected by Ransomeware and warned users to be alert regarding such attacks.

Ransomware is a type of malware (malicious software) that locks users from accessing their data in their computer or any mobile device.

In order to unlock their data, the users must pay a certain amount of
ransom, this is mainly done by the payment method which uses Bitcoin.

Although paying is an option for recovering your data, Sri Lanka CERT does not recommend payment because there is no guarantee the attackers will keep their promise.

Comprehensive awareness training to avoid being victimized by phishing emails, disabling hidden file extensions, disabling macro scripts, blocking AppData / Local AppData and taking regular backups of your important data are just some of the recommendations to defend against Ransomware.

Recent foreign media reports state that cybercriminals have developed an innovative ransomware that is based on the foundations of a particular banking Trojan to misuse Android accessibility services.

The ransomeware known as DoubleLocker has two powerful tools for extorting money from its victims, and includes a combination that has not been seen previously in the Android ecosystem.

DoubleLocker not only encrypts data as all ransomware does, it also changes the PIN on the target device.

DoubleLocker was discovered by security researchers at ESET. They say that the ransomware abuses Android accessibility settings, and is the first to use a double-lock approach.