How Android Nougat will help protect your password from ransomware

New condition will partially prevent unwanted Android lockscreen password resets.

How Android Nougat will help protect your password against ransomware

It's abundantly clear: Android ransomware is on the rise.

Last month, researchers at Kaspersky Lab reported a near-400 percent increase in the number of ransomware targeting Android users over the past year.

We've come across several interesting ransomware families in that time span. Some have masqueraded as porn apps, while others have targeted all Android devices including smart TVs.

Still others have leveraged even more advanced capabilities.

Take Android.Lockdroid.E, for example. The malware resets an Android user's lockscreen password/PIN/pattern after scaring victims with a system error GUI. It does so by invoking the resetPassword() method as long as the calling application is a device administrator.

Fig1 38

As a result, even victims who are able to remove the malware from their devices might not be able to gain access to their phones without a factory reset.

But change is afoot. Google is actively working to prevent ransomware variants from resetting Android users' passwords.

The change comes in the form of a condition embedded in Android's newest operating system, Android Nougat.

Symantec security researcher Dinesh Venkatesan explains the condition will allow the resetPassword API to only set and not reset the password:

"This development will be effective in ensuring that malware cannot reset the lockscreen password, as the change is strictly enforced and there is no backward compatibility escape route for the threat. Backward compatibility would have allowed malware to reset the lockscreen password even on newer Android versions. With this change, there is no way for the malware to reset the lockscreen password on Android Nougat."

Fig2 b 1

Like most things in life, there are a few caveats, however. The condition won't prevent malware from setting a password on a device with no existing password. The feature will also get in the way of disinfectors, automated tools which clean malware off of infected devices.

To balance out these drawbacks, users should protect their devices with some form of password. They should also download applications only from trusted developers and install an up-to-date anti-virus solution onto their devices.

Android Nougat is expected to begin rolling out to lucky users later in 2016.

Tags: , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episodes:

, ,

No comments yet.

Leave a Reply