Chinese DIY App Allows Anyone to Create Android Ransomware

LASER_oneXM

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Chinese malware developers have created a specialized Android application that allows anyone to generate a fully-working Android ransomware just by filling in a form and pushing a few buttons.

The app is currently advertised on Chinese underground hacking forums and via Chinese social media networks, and is offered as a commercial product, meaning users must pay a one-time fee before using it.

App generates Lockdroid variants
Discovered by Symantec's resident Android security expert Dinesh Venkatesan, the app has been available since the start of the year. Venkatesan says he spotted various ransomware strains generated by this app, which appears to build custom ransomware strains on the skeleton of the well-known Lockdroid ransomware family. This ransomware strain does not encrypt files, but merely locks the user's device with an attacker-decided PIN.

Venkatesan refers to this app as a TDK — a Trojan Development Kit. Similar products have existed before, for both mobile and desktop malware, but they have required at least some coding knowledge.

This app does not require any coding, and works using a simple GUI. The app allows users to customize:

≫ The ransom message displayed in the lock screen
≫ The code to unlock the device
≫ The icon of the ransomware-laced app
≫ Custom math operations that obfuscate the code
≫ Any animations to be used on the lock screen
Click to expand...


App currently available only in Chinese
Venkatesan says the app is currently available for Chinese-speaking users only, but he believes similar apps will appear for wannabe malware distributors in other countries.

Ransomware is extremely prevalent in China because the Play Store is blocked in the country and locals are used to installing apps from third-party sources, such as online forums and local Android app stores.
Click to expand...
 
  • Like
Reactions: Solarquest, bribon77, silversurfer and 1 other person
bribon77

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
[QUOTE="LASER_oneXM, post: 665049, member: 49392"Chinese malware developers have created a specialized Android application that allows anyone to generate a fully-working Android ransomware just by filling in a form and pushing a few buttons.

The app is currently advertised on Chinese underground hacking forums and via Chinese social media networks, and is offered as a commercial product, meaning users must pay a one-time fee before using it.][/QUOTE]


Well anybody is a hacker
 
  • Like
Reactions: Winter Soldier and LASER_oneXM
You must log in or register to reply here.

Similar threads

Ashish1+1
    • Like
Technology Android apps can now block sideloading and force downloads through Google Play Store
Replies
4
Views
374
Technology News
Marko :)
Marko :)
Gandalf_The_Grey
    • Like
    • +Reputation
New Update The Windows Windows App is real - replacing Remote Desktop app
Replies
2
Views
373
VM and Remote Access
cartaphilus
cartaphilus
Gandalf_The_Grey
    • Like
    • Hundred Points
    • +Reputation
Malware News TrickMo malware steals Android PINs using fake lock screen
Replies
0
Views
1,268
Security News
Gandalf_The_Grey
Gandalf_The_Grey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top