Android Ransomware Attack the new terror
Category : Blog
ANDROID RANSOMWARE USING PSEUDORANDOM PASSCODE
Android Ransomware is not new to the world and it had infected many android devices in the recent past but a new version of Ransomware is much more powerful. Attacks on android devices had increased heavily as more sensitive data is now stored in the small portable device which is very user friendly. Ransomware which were used to attack android devices earlier use to lock the screen using a hardcoded password but android penetration testers were able to unlock the device by performing reverse engineering. However the new Android Ransomware had made it impossible to perform reverse engineering as it is using pseudorandom passcodes. Due to this act victims are forced to pay the ransom.
WHAT IS PSEUDORANDOM PASSCODES ?
Pseudorandom passcode is a custom System Error message window which appears on every visible user interface of the infected android device. The Android Ransomware also displays message through this window asking the victim / user to interact with the attacker to unlock the android device.
In the previous Android Ransomware hardcode the passcode that unlock the android device is the samples code but the new version replaces this code with a pseudorandom numbers. Pseudorandom numbers are randomly generated numbers either 6 digit or 8 digit .
Numbers generated by the new Android Ransomware Pseudorandom is unique for every individual android device as the base number is acquired with the “Maths.Random()” function. The customized lock screen which is created by the system error message is also providing admin privileges which is used by the attacker to change the PIN of the normal lock screen. Malware Analyst had been working hard to counter this threat and using the same technique as used in the previous Android Ransomware attack.
This new Ransomware attack is expected to attack more than 32,0981 android devices within the end of October 2016.