
RANSOMWARE ON APPLE IPHONE ANDROID
Extortion: LeakerLocker, an Android ransomware variant from 2017, locked the victim device’s screen and collected information from it, including Chrome browser history, call history, pictures, and text messages, and threatened to expose it if a ransom was not paid.

Resetting the Device PIN: In addition to using AES encryption to encrypt the files in a device’s storage directory, DoubleLocker, which emerged in 2017, also changed the device’s PIN code to prevent access to the device. This technique was also used in 2015 by the aptly named Lockerpin ransomware, and a similar technique more recently in 2020 by CovidLock. A screenshot of the CovidLock ransom note can be seen in Figure 1.

Hijack User Permissions: Some Android malware, including ransomware and banking trojans, abuses the SYSTEM_ALERT_WINDOW permission, which allows the application to overlay a window on top of all other phone apps. While the files themselves are not encrypted, the ransom note screen will persistently overlay the screen, making the phone unusable.

Instead, it takes advantage of a high-priority “call” notification and overrides the onUserLeaveHint() callback to pop up the ransom note. Because this callback runs when the user presses the Home button or closes an app, this prevents the victim from dismissing the ransom note.
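A static triage check for the two screen-locking behaviours described above: the SYSTEM_ALERT_WINDOW overlay permission, and an onUserLeaveHint() override paired with a “call” notification. This is an added example, not code from the original article. The sample manifests and Java source, the indicator names and the triage() function are constructed for illustration, and NotificationCompat.CATEGORY_CALL with setFullScreenIntent is assumed to be how the “call” notification shows up in decompiled code.

```python
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
OVERLAY = "android.permission.SYSTEM_ALERT_WINDOW"
# onUserLeaveHint() whose body starts an activity (brace-free body assumed).
RELAUNCH = re.compile(r"void\s+onUserLeaveHint\s*\(\s*\)\s*\{[^}]*startActivity")

# Constructed inputs: decoded manifests and decompiled Java invented for this example.
LOCKER_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
</manifest>"""
LOCKER_SOURCE = """
class NoteActivity extends Activity {
  @Override protected void onUserLeaveHint() {
    startActivity(new Intent(this, NoteActivity.class));
  }
  void alert(NotificationCompat.Builder b, PendingIntent p) {
    b.setCategory(NotificationCompat.CATEGORY_CALL).setFullScreenIntent(p, true);
  }
}"""
# Benign contrast: a video player that uses the same callback for picture-in-picture.
PLAYER_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""
PLAYER_SOURCE = """
class PlayerActivity extends Activity {
  @Override protected void onUserLeaveHint() { enterPictureInPictureMode(); }
  void openSettings() { startActivity(new Intent(this, SettingsActivity.class)); }
}"""

def triage(manifest_xml, java_source):
    """Return the sorted names of the screen-locking indicators that are present."""
    found = set()
    root = ET.fromstring(manifest_xml)
    perms = {p.get(ANDROID_NS + "name") for p in root.iter("uses-permission")}
    if OVERLAY in perms:
        found.add("overlay-permission")
    # Overriding the callback is normal; relaunching an activity from it is the signal.
    if RELAUNCH.search(java_source):
        found.add("relaunch-on-leave")
    # A full-screen intent on a "call" notification can surface an activity over other apps.
    if "CATEGORY_CALL" in java_source and "setFullScreenIntent" in java_source:
        found.add("call-fullscreen-notification")
    return sorted(found)

if __name__ == "__main__":
    for name, m, s in [("locker", LOCKER_MANIFEST, LOCKER_SOURCE),
                       ("player", PLAYER_MANIFEST, PLAYER_SOURCE)]:
        print(name, triage(m, s))
```

Each indicator also appears in legitimate apps (overlay tools, dialers, video players), so the output is a prompt for manual review rather than a verdict.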

Mobile phones are certainly ubiquitous: 85% of Americans currently own a smartphone, and in 2020, 3.5 billion people owned a smartphone worldwide. With so many devices out there, it seems like mobile would be an excellent target for ransomware threat actors. However, we don’t hear a lot about devastating ransomware attacks targeting smartphone operating systems, like iOS or Android.
