#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security Posture Management

android ransomware | Breaking Cybersecurity News | The Hacker News

7 Ways Hackers and Scammers Are Exploiting Coronavirus Panic

7 Ways Hackers and Scammers Are Exploiting Coronavirus Panic

Apr 09, 2020
In our previous stories, you might have already read about various campaigns warning how threat actors are capitalizing on the ongoing coronavirus pandemic in an attempt to infect your computers and mobile devices with malware or scam you out of your money. Unfortunately, to some extent, it's working, and that's because the attack surface is changing and expanding rapidly as many organizations and business tasks are going digital without much preparation, exposing themselves to more potential threats. Most of the recent cyberattacks are primarily exploiting the fears around the COVID-19 outbreak—fueled by disinformation and fake news—to distribute malware via Google Play apps , malicious links and attachments, and execute ransomware attacks. Here, we took a look at some of the wide range of unseen threats rising in the digital space, powered by coronavirus-themed lures that cybercriminals are using for espionage and commercial gain. The latest development adds to a l
New Ransomware Not Just Encrypts Your Android But Also Changes PIN Lock

New Ransomware Not Just Encrypts Your Android But Also Changes PIN Lock

Oct 13, 2017
DoubleLocker —as the name suggests, it locks device twice. Security researchers from Slovakia-based security software maker ESET have discovered a new Android ransomware that not just encrypts users' data, but also locks them out of their devices by changing lock screen PIN. On top of that: DoubleLocker is the first-ever ransomware to misuse Android accessibility —a feature that provides users alternative ways to interact with their smartphone devices, and mainly misused by Android banking Trojans to steal banking credentials. "Given its banking malware roots, DoubleLocker may well be turned into what could be called ransom-bankers," said Lukáš Štefanko, the malware researcher at ESET. "Two-stage malware that first tries to wipe your bank or PayPal account and subsequently locks your device and data to request a ransom." Researchers believe DoubleLocker ransomware could be upgraded in future to steal banking credentials as well, other than just ext
cyber security

Cracking the Code to Vulnerability Management

websitewiz.ioVulnerability Management / Cloud Security
Vulnerability management in the cloud is no longer just about patches and fixes. In this latest report, the Wiz Security Research team put vulnerability management theory into practice using recently identified vulnerabilities as examples. Get the FREE report
New Report: Unveiling the Threat of Malicious Browser Extensions

New Report: Unveiling the Threat of Malicious Browser Extensions

Dec 06, 2023Browser Security / Privacy
Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the browser and can enhance browsing experiences, have become a popular browser attack vector. This is because they are widely adopted among users and can easily turn malicious through developer actions or attacks on legitimate extensions. Recent incidents like  DataSpii  and the  Nigelthorn  malware attack have exposed the extent of damage that malicious extensions can inflict. In both cases, users innocently installed extensions that compromised their privacy and security. The underlying issue lies in the permissions granted to extensions. These permissions, often excessive and lacking granularity, allow attackers to exploit them. What can organizations do to protect themselves from the risks of browser extensions without barring them from use altogether (an act that would be nearly impossible to enforce)?  A new report by LayerX, "Unveiling the
Easy-to-Use Apps Allow Anyone to Create Android Ransomware Within Seconds

Easy-to-Use Apps Allow Anyone to Create Android Ransomware Within Seconds

Aug 25, 2017
"Ransomware" threat is on the rise, and cyber criminals are making millions of dollars by victimizing as many people as they can—with WannaCry , NotPetya and LeakerLocker being the ransomware threats that made headlines recently. What's BAD? Hacker even started selling ransomware-as-a-service (RaaS) kits in an attempt to spread this creepy threat more easily, so that even a non-tech user can create their own ransomware and distribute the threat to a wider audience. The WORSE —You could see a massive increase in the number of ransomware campaigns during the next several months—thanks to new Android apps available for anyone to download that let them quickly and easily create Android ransomware with their own devices. Security researchers at Antivirus firm Symantec have spotted some Android apps available on hacking forums and through advertisements on a social networking messaging service popular in China, which let any wannabe hacker download and use Trojan
Decompiled SLocker Android Ransomware Source Code Published Online

Decompiled SLocker Android Ransomware Source Code Published Online

Jul 24, 2017
Bad news for Android users — Decompiled source code of for one of the oldest mobile and popular Android ransomware families has been published online, making it available for cyber criminals who can use it to develop more customised and advanced variants of Android ransomware. Decompiled source code for the SLocker  android ransomware, which saw a six-fold increase in the number of new versions over the past six months, has just been published on GitHub and is now available to anyone who wants it. The SLocker source code has been published by a user who uses 'fs0c1ety' as an online moniker and is urging all GitHub users to contribute to the code and submit bug reports. SLocker or Simple Locker is mobile lock screen and file-encrypting ransomware that encrypts files on the phone and uses the Tor for command and control (C&C) communication. The malware also posed as law enforcement agencies to convince victims into paying the ransom. Famous for infecting thousands
New Ransomware Threatens to Send Your Internet History & Private Pics to All Your Friends

New Ransomware Threatens to Send Your Internet History & Private Pics to All Your Friends

Jul 13, 2017
After WannaCry and Petya ransomware outbreaks, a scary (but rather creative) new strain of ransomware is spreading via bogus apps on the Google Play Store, this time targeting Android mobile users. Dubbed LeakerLocker , the Android ransomware does not encrypt files on victim's device, unlike traditional ransomware, rather it secretly collects personal images, messages and browsing history and threatens to share it to their contacts if they don't pay $50 (£38). Researchers at security firm McAfee spotted the LeakerLocker ransomware in at least two apps — Booster & Cleaner Pro and Wallpapers Blur HD — in the Google Play Store, both of which have thousands of downloads. To evade detection of malicious functionality, the apps initially don't contain any malicious payload and typical function like legitimate apps. But once installed by users, the apps load malicious code from its command-and-control server, which instructs them to collect a vast number of sensitive
Beware! Pre-Installed Android Malware Found On 36 High-end Smartphones

Beware! Pre-Installed Android Malware Found On 36 High-end Smartphones

Mar 11, 2017
Bought a brand new Android Smartphone? Do not expect it to be a clean slate. At least 36 high-end smartphone models belonging to popular manufacturing companies such as Samsung, LG, Xiaomi, Asus, Nexus, Oppo, and Lenovo, which are being distributed by two unidentified companies have been found pre-loaded with malware programs. These malware infected devices were identified after a Check Point malware scan was performed on Android devices. Two malware families were detected on the infected devices: Loki and SLocker. According to a blog post published Friday by Check Point researchers, these malicious software apps were not part of the official ROM firmware supplied by the smartphone manufacturers but were installed later somewhere along the supply chain, before the handsets arrived at the two companies from the manufacturer's factory. First seen in February 2016, Loki Trojan inject devices right inside core Android operating system processes to gain powerful root privi
Android Ransomware now targets your Smart TV, Too!

Android Ransomware now targets your Smart TV, Too!

Jun 15, 2016
Do you own a Smartwatch, Smart TV, Smart fridge, or any Internet-connected smart device? If your answer is yes, then you need to know the latest interest of the cyber criminals in the field of Internet of Things. Ransomware! After targeting hospitals, universities, and businesses, Ransomware has started popping up on Smart TV screens. A new version of the Frantic Locker (better known as FLocker ) Ransomware has now the ability to infect and lock down your Smart TVs until you pay up the ransom. Researchers at Trend Micro have discovered the updated version of FLocker that is capable of locking Android smartphones as well as Smart TVs . Originally launched in May 2015, the FLocker ransomware initially targeted Android smartphones with its developers constantly updating the ransomware and adding support for new Android system changes. Here's what the new version of FLocker does to your Android-powered Smart TVs: FLocker locks the device's screen. Displays a
LockerPin Ransomware Resets PIN and Permanently Locks Your SmartPhones

LockerPin Ransomware Resets PIN and Permanently Locks Your SmartPhones

Sep 12, 2015
Your device's lock screen PIN is believed to keep your phone's contents safe from others, but sadly not from a new piece of ransomware that is capable of hijacking safety of your Android devices . A group of security researchers has uncovered what is believed to be the first real example of malware that is capable to reset the PIN code on a device and permanently lock the owner out of their own smartphone or tablet. This Android PIN-locking ransomware, identified as Android/Lockerpin.A , changes the infected device's lock screen PIN code and leaves victims with a locked mobile screen, demanding for a $500 (€450) ransom . Here's the Kicker: Since the lock screen PIN is reset randomly, so even paying the ransom amount won't give you back your device access, because even the attackers don't know the changed PIN code of your device , security researchers at Bratislava-based antivirus firm ESET warn . LockerPIN , as dubbed by the researchers,
This Creepy App Captures Users' Private Moment Photos and Blackmails for Money

This Creepy App Captures Users' Private Moment Photos and Blackmails for Money

Sep 08, 2015
How difficult is for hackers to take over your personal photographs? They just need to trick you to download an app, or may be a Porn app . Yes, if you are one of those who can't resist watching porn then you could be an easy target for hackers who are distributing ransomware via malicious pornography app to run you out of your money. A pornography application for Android called Adult Player that promises free pornographic videos has been caught taking photographs of users and then extorting them for ransom ( Cyber Extortion ). Once installed, Adult Player gains administrator access to the victim's device, which then allows it to load malicious ransomware files. When Hackers Turn to Blackmail: Demands $500 Ransom When a user opens the app, Adult Player secretly takes photos of the user with the help of front-facing camera and then demands a $500 (£330) ransom in order to restore the device access and delete all photos stored on attackers server.
Ransomware Attacks Threaten Wearable Devices and Internet of Things

Ransomware Attacks Threaten Wearable Devices and Internet of Things

Aug 14, 2015
Are you a proud owner of a Smartwatch, a Smart TV , a Smart fridge, a Smart lock, an Internet-enabled car , or live in a smart city? Caution! Recently, it has been reported that the growth of the Internet of Things would eventually lead to cyber criminals in making lots of money, as they started attacking the Internet of Things for Ransom. Yes, the latest Interest of the cyber criminals in the field of Internet of Things is ' Ransomware '. Internet of Things (IoT) such as Android and iOS-based wearable Smartwatches and the concept of connected homes has now given a treat to the current generation Ransomware. With the advancements in Technology, cyber criminals are simultaneously promoting themselves from the threat known for restricting computers or encrypting files and asking users for money in return for gaining back access to their systems. From computers to mobile phones, now criminals are targeting the IoT and the wearables devices. Security resea
Cybersecurity Resources