Dangerous Trojan Development Kit discovered in China

Aug 25, 2017 22:20 GMT

The number of threats targeting Android devices is growing at a worrying pace, and one of the reasons for this is that it’s becoming increasingly easier to write malware for Google’s mobile platform.

Living proof is what Symantec security expert Dinesh Venkatesan describes as a Trojan Development Kit (TDK), which is currently available in China and allows anyone to create Android malware without any coding experience.

The whole thing is done with an Android APK that can be downloaded free of charge from various Chinese forums, though it’s important to note that, in order to actually generate the malware, users need to contact the developer and make a one-time payment.

Using the app, customers can build a ransomware APK that can be customized with their own message to be displayed on the locked screen of the infected Android device, a user-defined key to unlock the device, a custom icon, mathematical operations to randomize the code, and an animation to be displayed on the compromised phone or tablet.

Don’t install untrusted APKs!

The ransomware can be generated by simply filling in a form, so no coding skills are required, though users need to find their own way to infect devices after the malicious APK is obtained.

“It is then up to the user how they want to spread their newly created ransomware. Anyone unlucky enough to be tricked into installing the malware will end up with a locked device held to ransom. The malware created using this automation process follows the typical Lockdroid behavior of locking the device’s screen with a SYSTEM_ALERT_WINDOW and displaying a text field for the victim to enter the unlock code,” the Symantec expert notes.

It goes without saying that the easiest way to remain secure is to avoid installing APKs from sources that you don’t trust, but in most cases security solutions for Android should also detect the ransomware.
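The Lockdroid behaviour quoted above relies on the SYSTEM_ALERT_WINDOW permission to draw its ransom screen over every other app, which gives a defender a cheap triage signal for unknown APKs. The following is an added example, not code from the article or from Symantec: it opens an APK as the zip it is, pulls out the binary AndroidManifest.xml and checks whether that permission string appears in either of the encodings Android's binary XML string pool uses; the sample APK it builds for offline use is a constructed stand-in, not a real manifest.

```python
import io
import zipfile

# Permission the screen locker needs to place its overlay on top of every other app.
OVERLAY_PERMISSION = "android.permission.SYSTEM_ALERT_WINDOW"


def manifest_mentions_permission(apk_bytes: bytes, permission: str = OVERLAY_PERMISSION) -> dict:
    """Report whether an APK's AndroidManifest.xml names `permission`.

    A built APK carries the manifest as binary XML whose string pool stores
    strings as UTF-8 or UTF-16LE, so both encodings are searched. This is an
    indicator for an analyst's queue, not a verdict: legitimate apps (chat
    heads, screen dimmers) request the same permission.
    """
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        if "AndroidManifest.xml" not in apk.namelist():
            return {"has_manifest": False, "requests_permission": False, "encodings": []}
        manifest = apk.read("AndroidManifest.xml")
    hits = [enc for enc in ("utf-8", "utf-16-le") if permission.encode(enc) in manifest]
    return {"has_manifest": True, "requests_permission": bool(hits), "encodings": hits}


def build_sample_apk(permissions: list) -> bytes:
    """Constructed stand-in APK: a zip with a fake UTF-16LE manifest, for offline testing only."""
    fake_manifest = b"\x03\x00\x08\x00" + b"".join(
        p.encode("utf-16-le") + b"\x00\x00" for p in permissions
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as apk:
        apk.writestr("AndroidManifest.xml", fake_manifest)
        apk.writestr("classes.dex", b"dex\n035\x00")  # placeholder, not real bytecode
    return buf.getvalue()


if __name__ == "__main__":
    suspicious = build_sample_apk([OVERLAY_PERMISSION, "android.permission.INTERNET"])
    benign = build_sample_apk(["android.permission.INTERNET"])
    print(manifest_mentions_permission(suspicious))  # requests_permission True via utf-16-le
    print(manifest_mentions_permission(benign))      # requests_permission False
```

On a real sample, pair this with a check for the device-admin or lock-screen activities the article mentions before escalating; the permission alone only earns a closer look.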

The TDK has so far been spotted only on Chinese forums, but Symantec warns that it could very well spread to other regions, meaning users elsewhere could soon be exposed to an avalanche of threats targeting their Android devices.