Petronella Blog Archive

Visit our New Blog

Android Ransomware

Blog Post

A new form of ransomware locks your Android and changes the PIN, cutting you off from being able to use your phone.

Ransomware, if you don't recall, is malicious software that, up to now, would encrypt all the files on a computer and display a message explaining what has happened and giving you instructions on how to send money to regain access to the files. 

This new iteration, called Lockerpin, tricks Android users into granting the app admin rights by putting a fake patch installation window over an activation notice.  A user thinks they're hitting the continue button, but they're actually allowing the app to change the phone's settings.  Lockerpin then resets the lock screen's PIN.  Once that's done, a message is sent ordering the user to pay a $500 bribe for having viewed forbidden porn.

A user can get around the ransom by doing a factory reset, but they will then lose all the data on the phone.  People tend not to download and backup their pictures and videos from phones these days, so the risk of losing so many memories is a pretty big threat to many.

The malicious app isn't too pervasive yet because it's only available from third-party app stores and is hidden as a porn app.  That said, it's the first of its kind, so innovative use is likely to spread.