Newly discovered malware DroidLock can wreak havoc on your Android phone, taking over your lock screen — even changing your login info — to prevent victims from being able to get into their devices.
According to researchers at Zimperium, the malware can lock victims’ screens in order to demand a ransom, change the PIN, password or biometric data to prevent the user from accessing their own device, access complete control over the device including text messages, call logs, contacts and audio recordings. The ransomware overlay will instruct the victim to contact the attacker at a Proton email address within 24 hours, otherwise it will permanently destroy the files on the device.
Currently, the targets are largely Spanish-speaking users, but as with most malware, there’s no reason it couldn’t be scaled up.
How to stay safe from ransomware
The good news is that because Zimperium shares its malware findings with the Android security team, Play Protect detects and blocks this threat from devices that are up to date.
That means if your Android device is keep current with updates, you’re in the clear – and this is precisely why we stress again and again that users need to keep their devices up to date.
The bad news is Android users are additionally recommended to avoid sideloading APKs from outside the Google Play store – unless the publisher is a trusted source. So, if you like sideloading apps, make sure to check out the publisher and the URL extensively before you download.
Also, always check to see if the permissions required by an app serve its purposes, and doesn’t overstep. Be particularly wary of anything that is asking for accessibility permissions, as this is often a way that malware will try to sneak in access to your handset. And periodically scan your device with Play Protect. Keep in mind, that the best Android antivirus apps can also be of assistance here in scanning and protecting your phone.
