NEWS
NEWS
NEWS
New FLocker ransomware can attack Android-powered smart televisions
A new form of ransomware that can attack Android-powered smart televisions has been discovered by security researchers at Trend Micro, Inc.
Dubbed FLocker (short for the Frantic Locker), the malware has been in circulation since at least April 2015 and has previously concentrated on locking down smartphones running the latest builds of Android. However, a newer version of the code now sees it target Smart TVs as well.
The malware can be spread in several ways, including via infected sites and even through SMS messages; it waits 30 minutes after infecting a device before it acts, starting a background service which requests device admin privileges.
If a user denies access to admin privileges, the malware will freeze the screen and fake system updating.
Upon gaining admin access, the malware contacts a command and control center and delivers a new payload that includes the ability to initiate further installations, take photos of the affected user, and to use those photographs as part of an extortion attempt.
Shortly thereafter users receive a “police trojan” message pretending to represent the “US Cyber Police,” that accuses the victim of false crimes and then demands $200 in iTunes gift cards to have the Smart TV or mobile device unlocked.
To make matters worse, an infection on one device means that all devices running Android on the same network may also become infected as well.
“Using multiple devices that run on one platform makes life easier for a lot of people. However, if a malware affects one of these devices, the said malware may eventually affect the others, too,” Trend Micro’s Echo Duan explained in a blog post.
Interestingly, the ransomware does not target everyone. If a device is determined to be located in the East European countries of Kazakhstan, Azerbaijan, Bulgaria, Georgia, Hungary, Ukraine, Russia, Armenia or Belarus, FLocker deactivates itself.
Solution
Unfortunately, there’s no easy solution to fix an infected device.
Trend Micro recommends that if an Android TV gets infected, the user should contact the device vendor for a solution.
Alternatively, the malware can be removed through enabling ADB debugging, connecting to the device using a PC, launching an ADB shell and then executing the comment “PM clear %pkg%”. This kills the ransomware process and unlocks the screen. Once fixed, users are advised to then deactivate ADB debugging.
Naturally, users are encouraging to practice safe internet and make sure they have mobile security software installed on all their Android devices.
photo credit: Freedom is for the free via photopin (license)
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
