Microsoft is responsible for locating and dealing with potentially dangerous malwares on their own Windows operating system. However, the tech company claims that they try to use their expertise to provide benefits to operating systems beyond their own. According to the company’s cybersecurity blog, Android users should be aware of the new and evolving malwares that target the operating system.
In their official blog, the company stated that they have found a piece of a particularly sophisticated Android ransomware with novel techniques and behavior, exemplifying the rapid evolution of mobile threats that have also been observed on other platforms.
Microsoft claims that this new mobile ransomware was detected by Microsoft Defender for Endpoint as AndroidOS/MalLocker.B. This new malware is the latest variant of a ransomware family that’s been in the wild for a while but has been evolving non-stop, according to the blog.
The ransomware, according to Microsoft, masks itself as popular apps, cracked game or video players. It is known to be found on arbitrary websites which are circulated on online forums. The new malware is specially dangerous as the software company claims that despite being malicious in many ways, it was able to dodge the existing protections and showed a low detection rate against security solutions.
This new malware will not block the users access to the files, instead it will just block access to the device by displaying a screen that appears over every other window, such that the user can’t do anything else. On this screen, the ransom note mentions the potential threats and also provides instructions to pay the ransom.
Microsoft claims that malware uses Android features to display this ransom note and it is the first time the company’s cybersecurity experts have come across such a virus. It also incorporates an open-source machine learning module designed for context-aware cropping of its ransom note.