Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android’s Home button to lock the device behind a ransom note.
The findings concern a variant of a known Android ransomware family dubbed “MalLocker.B” which has now resurfaced with new techniques, including a novel means to deliver the ransom demand on infected devices as well as an obfuscation mechanism to evade security solutions.
The development comes amid a huge surge in ransomware attacks against critical infrastructure across sectors, with a 50% increase in the daily average of ransomware attacks in the last three months compared to the first half of the year, and cybercriminals increasingly incorporating double extortion in their playbook.
MalLocker has been known for being hosted on malicious websites and circulated on online forums using various social engineering lures by masquerading as popular apps, cracked games, or video players.
Previous instances of Android ransomware have exploited Android accessibility features or permission called “SYSTEM_ALERT_WINDOW” to display a persistent window atop all other screens to display the ransom note, which…