Android users are being cautioned to remain vigilant as a disturbing new cyberattack has emerged. This latest threat is particularly alarming, with phones becoming locked upon infection, prompting users to either pay a ransom or risk permanent file destruction.
Dubbed DroidLock, the threat was discovered by the security experts at Zimperium and is currently impacting Android users in certain parts of Europe. It spreads through malicious websites that promote fake applications masquerading as legitimate software. Once installed, DroidLock seizes full control of phones, monitoring unlock codes entered by users.
Hackers can then manipulate the code, locking users out and displaying a ransom demand or the threat of file deletion through a screen overlay. A countdown timer adds pressure by indicating the time left to comply with the demands.
Zimperium described the situation as a new threat campaign targeting Android users, highlighting DroidLock as a form of ransomware distributed through phishing websites. The malware takes over devices by locking screens with a ransomware-like overlay and illicitly obtaining app lock credentials, enabling complete device control.
Utilizing deceptive system update screens to deceive victims, DroidLock can remotely control devices via VNC, exploit device administrator privileges to lock or erase data, capture photos using the front camera, and mute devices.
While DroidLock has not yet reached the UK, Android users are advised to remain cautious. To stay protected, it is crucial for all Android users to only download applications from official sources like Google’s Play Store. Users should exercise caution when urged to sideload software from websites, verifying developers’ identities and refraining from downloading suspicious content.
It is essential to stay alert and exercise discretion when installing any software on Android devices.