Sixty-seven percent of Android devices are prone to a newlydiscovered ransomware variant – the first to employ “clickjacking” as a way tofool users into giving away their administrator rights, Symantec warned todayin its Security Response blog.
The malware, Android.Lockdroid.E, is disguised as a porn appcalled Porn ‘O' Mania. When users download the app, the malware pulls up thephone's system activation dialogue, but hides it behind a fake window askingusers to commence a package installation.
Using more fake window overlays, the malware tricks usersinto clicking on the button that grants admin rights to the malware. This clickjackingtechnique allows the ransomware to execute a more aggressive extortion attackagainst the victim, as now the malware can not only encrypt files, but alsolock the device, change its PIN and delete user data through a factory reset.