Eset discovers aggressive Android malware changing PIN code

Downloading an application from unverified sources sometimes might not only save users of mobile devices some money, but also pass on to them an unwanted gift in the form of malware.

(Source: Courtesy of Eset)

Researchers of the Slovak IT security firm Eset have discovered the first Android PIN-setting ransomware. LockerPIN sets or changes the device’s PIN lock, unbeknownst to the user as it locks the screen and demands a $500 ransom.

“You can save a few dollars by downloading the application from unverified sources, but always keep in mind, it can result in data or privacy loss, usually of a much bigger emotional or financial value,” said Eset’s detection engineer Lukáš Štefanko as cited in the company’s press release.

LockerPIN spreads via unverified third party app stores, warez forums and torrents. After a successful installation, the trojan horse tries to obtain Device Administrator privileges by overlaying the system message with its own window and masquerading as an “Update patch installation”.

Currently, even if the trojan is removed, for unrooted devices that aren’t protected by a security solution, there is no simple way to change the PIN except for a factory reset. This, however, results in the loss of all data. To add insult to injury, even if the user decides to pay the ransom, the attackers cannot unlock the device as the PIN is set randomly.

Štefanko specified that based on Eset statistics, the majority of infected Android devices is in the USA with a total percentage share of over 75 percent.

"This is part of a trend where Android malware writers are shifting from targeting mostly Russian and Ukrainian users to Americans where they can arguably make higher profits,” said Štefanko. 

The processing of personal data is subject to our Privacy Policy and the Cookie Policy. Before submitting your e-mail address, please make sure to acquaint yourself with these documents.

Theme: IT


Top stories

Government announces a state mourning for the victims of the crash near Nitra

Flags will be raised at half-mast between 8:00 and 20:00.

A black flag was raised in front of the Government's Office.

UPDATED: Road accident near Nitra claims 12 lives

Pellegrini is considering a national mourning on Friday.

All the things that were left overdue

Last week brought a resignation and a half-hearted opposition deal.

Deputy Speaker Martin Glváč (left) and Smer chair Robert Fico (right) held a press conference on October 29, 2019

The alleged driver in the Kuciak murder case may confess his guilt in court

Tomáš Szabó could be the third of five accused to confess their guilt.

The police escorts Tomáš Szabó, the accused in the Kuciak case, to the Specialised Criminal Court in Banská Bystrica, central Slovakia, on September 30, 2018