ANDROIDOS_LOCKERPIN.A

 Analysis by: Jordan Pan

 PLATFORM:

Windows

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 INFORMATION EXPOSURE:

  • Threat Type: Others

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

This malware uses common file icons to trick a user into thinking that the files are legitimate.

  TECHNICAL DETAILS

File Size:

78435 bytes

Memory Resident:

Yes

Payload:

Locks mobile device

Mobile Malware Routine

This malware displays the following:

  • 有什么不懂加qq:390870570

Once the app is used, it displays the following screen:

  • ransom through qq number: 390870570

The SMS message it sends contains the following text:

  • destination phone number: 15123492642,
  • content: 我己安装软件

Upon installation, it asks for the following permissions:

  • android.permission.SYSTEM_ALERT_WINDOW
  • android.permission.RECEIVE_SMS
  • android.permission.SEND_SMS
  • android.permission.RECEIVE_BOOT_COMPLETED
  • android.permission.INTERNET
  • android.permission.ACCESS_NETWORK_STATE

It uses common file icons to trick a user into thinking that the files are legitimate.

It is capable of doing the following:

  • Automatically send an SMS message to 15123492642
  • Modify the PIN code to lock the screen

NOTES:
Upon installation, this malware requests device admin privileges. If the privilege is granted, it modifies the device's lock PIN. It then sends an SMS message to a certain number to notify the attacker of the routine's successful execution. The affected mobile device is then rendered inaccessible and cannot be unlocked until the ransom is paid by contacting the supplied QQ number.
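The following triage check is an added example, not code from the original analysis. It flags a decoded AndroidManifest.xml that pairs a device admin receiver with the SMS, overlay and boot permissions listed above. It assumes the manifest has already been decoded to text (for example with apktool); the sample manifest, package name and receiver name are constructed.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace

# Permissions from the list above that support the lock-and-report routine.
RISKY = {
    "android.permission.SYSTEM_ALERT_WINDOW": "can draw over other apps",
    "android.permission.SEND_SMS": "can send SMS messages",
    "android.permission.RECEIVE_BOOT_COMPLETED": "can restart after reboot",
}

def triage_manifest(manifest_xml):
    """Return (findings, suspicious) for a decoded AndroidManifest.xml string."""
    root = ET.fromstring(manifest_xml)
    requested = {e.get(A + "name") for e in root.iter("uses-permission")}
    findings = [f"{p}: {why}" for p, why in RISKY.items() if p in requested]
    risky_hits = len(findings)
    # A device admin receiver is guarded by BIND_DEVICE_ADMIN and handles
    # the DEVICE_ADMIN_ENABLED broadcast.
    admin = []
    for r in root.iter("receiver"):
        actions = {a.get(A + "name") for a in r.iter("action")}
        if (r.get(A + "permission") == "android.permission.BIND_DEVICE_ADMIN"
                and "android.app.action.DEVICE_ADMIN_ENABLED" in actions):
            admin.append(r.get(A + "name"))
    findings += [f"device admin receiver: {n}" for n in admin]
    # Suspicious only when device admin is combined with every risky permission.
    return findings, bool(admin) and risky_hits == len(RISKY)

# Constructed sample manifest (not taken from the analysed file).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed">
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application>
    <receiver android:name=".AdminReceiver"
        android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""

if __name__ == "__main__":
    for line in triage_manifest(SAMPLE)[0]:
        print(line)
```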

  SOLUTION

Minimum Scan Engine:

9.800

Trend Micro Mobile Security Solution

Trend Micro Mobile Security Personal Edition protects Android and iOS smartphones and tablets from malicious and Trojanized applications. It blocks access to malicious websites, increases device performance, and protects your mobile data. You may download the Trend Micro Mobile Security apps from the following sites:

