ClickJacking Android Ransomware is the new silent killer

ClickJacking Android Ransomware

ClickJacking Android Ransomware

You definitely know what you are surfing and when you are surfing, but do you know that even others may know what you are surfing and when you are surfing? Tracking your Internet activities is not a difficult task today. Not only tracking, recording and storing are also not a big deal. When you visit any website, you actually declare your current physical location and the details of your device which is currently in use.

Ransomware

What is ransomware? Ransomware is a malware. Then what is a malware? Malware can be anything from harmful software, a virus, Trojan horse .etc.Online security is one of the major concern today. Not only people like you and me, but also the government is worried about Internet security. The reason is the increase in the level of Internet security breaches and data theft.

Latest devices, latest threats!

Threats and viruses were only meant for computers. Then smartphones entered the market. Smartphones became famous as soon as they were launched and today, almost everyone has a Smartphone. Talking about only Android, in 2015, Android dominated almost 80% of the worldwide market in Smartphone sector. So this lead to various threats and malware’s which are meant just for your Smartphone! These are known as Android Ransomware.

There are many different types of Android Ransomware which have proved to be a threat for Android users. Threats are not just successful because they are strong coded and can easily breach security walls, but they are also successful because of our basic mistakes.

Ransomware Extortion Techniques

There are a number of means to extort victims via Ransomware. Downloading and installing a Trojanized app is the most common scenario of extortion. Once the victim installs the fake app, the malware locks the screen and displays an alert. Now this is a bogus alert, which claims that the user has illegal data in the phone. Not only this, while you are dealing with screen lock, on the backend, such app is fetching all your contact details and browsing history, then it will ask for extortion money.

To make it even more dangerous, it may ask you to become the device administrator. If you agree to this at any point in time, you won’t be able to remove this app or perform a factory reset. Your files can also be encrypted.

So how clickjacking occurs?

Clickjacking generally occurs by malicious apps which promote tempting offers and schemes, porn apps. Etc. Generally, people don’t even read the terms and conditions before installing such apps as they don’t have time to read them.

Step1:  So the initial step is fake package installation dialog box. There will be a dialog box, which would be displaying any message like “click to activate this operation” and so on. Once you click on agree or continue, the app invokes device administrator and requests API. Even while installing, the installation message would be shown at the most general place, like the top or the bottom.

Step2: After a certain amount of false delay, you receive a confirmation regarding installation completed. Now this message is actually a TYPE_SYSTEM_OVERLAY window. This window is not capable of taking input focus, which means that UI will not respond to button clicks. Interestingly, the window which is below it, where there is a activate button, is replaced exactly by some other button like “Continue”. This means that you are activating but you think you pressed to continue.

The complete application is installed in your Smartphone by just these two steps.

Mitigation

Right from Android 5.0(Lollipop), the platform is preventing the dialog box to be displayed over the permission dialog box. Due to this, clickjacking only affects the devices which use versions older than Android 5.0.

Measures to be taken:

[1] Software should always be up to date, which means never skip update installation or delay it. These are actually very important.

[2] Install apps from trusted sources. Do not install apps which are doubtful, avoid installing apps which you won’t be using. Many of us have it of installing apps which will never be useful, it will only consume your memory.

[3] Use a good security solution like Mobile Security applications like antivirus.

Conclusion:

Mobile security internally as well as externally is extremely important today, as you have your personal data, your contacts and you have done online transactions through it. So using it wisely and spending some bucks on any good mobile antivirus software will provide you a shield from Ramsonware.

So be safe and protect your identity from ClickJacking Android Ransomware.

Leave a Reply