How Android Nougat will help protect your password from ransomware

David Bisson

How Android Nougat will help protect your password against ransomware

How Android Nougat will help protect your password against ransomware

It’s abundantly clear: Android ransomware is on the rise.

Last month, researchers at Kaspersky Lab reported a near-400 percent increase in the number of ransomware targeting Android users over the past year.

We’ve come across several interesting ransomware families in that time span. Some have masqueraded as porn apps, while others have targeted all Android devices including smart TVs.

Still others have leveraged even more advanced capabilities.

Take Android.Lockdroid.E, for example. The malware resets an Android user’s lockscreen password/PIN/pattern after scaring victims with a system error GUI. It does so by invoking the resetPassword() method as long as the calling application is a device administrator.

Fig1 38

As a result, even victims who are able to remove the malware from their devices might not be able to gain access to their phones without a factory reset.

But change is afoot. Google is actively working to prevent ransomware variants from resetting Android users’ passwords.

The change comes in the form of a condition embedded in Android’s newest operating system, Android Nougat.

Symantec security researcher Dinesh Venkatesan explains the condition will allow the resetPassword API to only set and not reset the password:

“This development will be effective in ensuring that malware cannot reset the lockscreen password, as the change is strictly enforced and there is no backward compatibility escape route for the threat. Backward compatibility would have allowed malware to reset the lockscreen password even on newer Android versions. With this change, there is no way for the malware to reset the lockscreen password on Android Nougat.”

Fig2 b 1

Like most things in life, there are a few caveats, however. The condition won’t prevent malware from setting a password on a device with no existing password. The feature will also get in the way of disinfectors, automated tools which clean malware off of infected devices.

To balance out these drawbacks, users should protect their devices with some form of password. They should also download applications only from trusted developers and install an up-to-date anti-virus solution onto their devices.

Android Nougat is expected to begin rolling out to lucky users later in 2016.

David Bisson David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES