A new Android malware called DroidLock uses ransomware-like overlays to lock devices, wipe data, and maliciously control victimsβ phones remotely. Targeting Spanish Android users through phishing, it can capture screen activity, steal sensitive information, and exploit device permissions for persistent malicious control. #DroidLock #AndroidPhishing
Keypoints
- DroidLock employs overlays to lock screens and simulate system updates to deceive users.
- The malware requests extensive permissions, including device admin and accessibility services, to perform malicious actions.
- It can remotely control devices via VNC, capture screen activity, and transmit data to command servers.
- The infection chain begins with a dropper that prompts users to allow unknown apps, enabling malware installation.
- Zimperium has reported these findings to Google and released Indicators of Compromise for detection.
Read More: https://thecyberexpress.com/android-malware-locks-device-demands-ransom/