ESET Researchers Discover First-Ever Ransomware Misusing Android Accessibility Services
Created: 2017-10-17 05:01:13
ESET researchers have discovered DoubleLocker, an innovative Android malware that combines a cunning infection mechanism with two powerful tools for extorting money from its victims.
“DoubleLocker misuses Android accessibility services, which is a popular trick among cybercriminals. Its payload can change the device’s PIN, preventing the victim from accessing their device and encrypts the victim’s data. Such a combination hasn’t been seen yet in the Android ecosystem,” comments Lukáš Štefanko, ESET Malware Researcher who discovered DoubleLocker.
On top of being ransomware, DoubleLocker is based on the foundations of a particular, already documented banking Trojan. According to Štefanko, the functionality for harvesting users’ banking credentials and wiping out their accounts can be added easily.
“The additional functionality will turn this malware into what can be called ransom-banker,” warns Lukáš Štefanko, who claims he spotted a test version of such a ransom-banker in the wild in May 2017.
For more details, read an article on DoubleLocker at ESET’s official blog, WeLiveSecurity.
About ESET
ESET®, the pioneer of proactive protection and the maker of the award-winning ESET NOD32® technology, is a global provider of security solutions for businesses and consumers. For over 26 years, the Company continues to lead the industry in proactive threat detection. By obtaining the 80th VB100 award in June 2013, ESET NOD32 technology holds the record number of Virus Bulletin "VB100” Awards, and has never missed a single “In-the-Wild” worm or virus since the inception of testing in 1998. In addition, ESET NOD32 technology holds the longest consecutive string of the VB100 awards of any AV vendor. ESET has also received a number of accolades from AV-Comparatives, AV-TEST and other testing organisations and reviews. ESET NOD32® Antivirus, ESET Smart Security®, ESET Cyber Security® (solution for Mac), ESET® Mobile Security and IT Security for Business are trusted by millions of global users and are among the most recommended security solutions in the world.
ESET recently updated its two-factor authentication (2FA) application, adding a secure validation to weak and static user passwords. This updated version of ESET’s 2FA application provides flexibility and deeper integration of 2FA into bespoke applications, making it the best cost-effective solutions for SMBs everywhere.
The Company has global headquarters in Bratislava (Slovakia), with regional distribution centers in San Diego (U.S.), Buenos Aires (Argentina), and Singapore; with offices in Jena (Germany), Prague (Czech Republic) and Sao Paulo (Brazil). ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Singapore, Prague, Košice (Slovakia), Krakow (Poland), Montreal (Canada), Moscow (Russia) and an extensive partner network for more than 180 countries. For more information visit https://eset.version-2.sg/ or follow us on Facebook.
About GREYCORTEX
Built on a decade of extensive industry and academic experience, with investment from YSoft Ventures, GREYCORTEX uses advanced machine learning and data analysis to help protect sensitive data, networks, trade secrets, and reputations. In addition to the ESET Technology Alliance, GREYCORTEX serves customers in over 14 countries through its own distributor network.
Join ESET at Facebook