According to the Microsoft’s Defender Research team, the ransomware MalLocker.B manipulates multiple Android OS functions to take over your phone when you press the home button.  The good news is that it does not encrypt your files.  What happens is the malware hijacks the internal software, and in some cases displays a notice from law enforcement, informing you, you have committed a crime, don’t you remember, and now you must pay a fine. Or there is a more traditional ransom note, with the usual threats and instructions on where to send the money.

What to do?

As with most things MalLocker.B won’t get on your phone by itself.  The application is used by scams, third rate applications, and forums. So don’t download apps from unknow sources, or go to third rate forums and download files or accept access where then files are down loaded.

What can you do to when this happens to you?

If you know what you are doing the MalLocker.B can be removed via the safe mode or Android Debug Bridge (ADB). There is Microsoft Defender for Endpoint on Android that detects the ransomware (AndroidOS/MalLocker.B).  Microsoft Defender will also remove other malicious apps and files.  The advertisement for Microsoft Defender is that it uses cloud-based protection powered by deep learning and heuristics, in addition to content-based detection.

Sources.

ExtremeTech. by Ryan Whitwam October 9, 2020. Retrieved from: https://www.extremetech.com/author/rwhitwam

India TV News. Retrieved from: https://www.indiatvnews.com/technology/news-microsoft-finds-dangerous-android-ransomware-know-details-655669


This USVBA Cyber Alert is provided by our partner, 171 Comply. Please visit their website to learn more about CMMC and their services.