DIY Android Ransomware App Aiding Hackers
Budding cyber criminals are going to have a field day with a DIY Android ransomware app which has been doing the rounds for some time now, and is purportedly available for download on various underground hacker forums and discussion groups for free. This app allows users to create their own custom ransomware at the click of a few buttons and after filling out a few forms. That’s it! No coding skills required!
Released by Chinese malware developers and available in the Chinese language, for now, this Trojan Development Kit (TDK) app comes with an easy-to-use interface which allows wannabe cybercriminals to create their own ransomware within a few minutes. Obviously, we are not living in an era which requires hackers to create their own scripts to gain access to computers. There are many TDKs available online which they can use instead. And this latest Android ransomware app is an example of one such app.
Based on what sources are suggesting, it seems that the entire process of malware creation can be accomplished using a smartphone, by filling out forms with a variety of options that allow users to customize the following: the ransomware message which will be displayed, the code for unlocking the device, the ransomware icon, math operations which obfuscate the code, and so on.
Once these details are provided by the user and he/she hits the create button, they’ll be asked to make a one-time payment to subscribe to the service. When this is complete, the budding cyber criminal will be allowed to create as many variants of the ransomware as they wish. The ransomware created using this app appears to mimic the well-known Lockdroid ransomware behavior of locking the infected phone’s screen.
Discovered by Android security expert Dinesh Venkatesan, it seems the app has been available on the market since the start of this year. The security expert says that he spotted various ransomware strains generated by this app, all of which appear to have been built on the skeleton of the Lockdroid family.
Venkatesan also goes on to say that similar products have existed before, but all of them required at least some coding knowledge, unlike this ransomware app released by Chinese developers, which requires none. He also points out that the ransomware developed using this app does not encrypt files, but merely locks the user’s device with an attacker-decided PIN.
What’s dangerous about these DIY ransomware apps is that it’s not just the low-level cyber criminals who benefit from these tools; even seasoned ransomware developers can use these easy-to-use tools as a base and build more powerful ransomware variants that pose even greater threats.
As usual, to stay protected from this ransomware, researchers recommend that Android users refrain from downloading apps from untrusted sources, make regular backups of important data, and keep their systems up-to-date. However, if the recent WannaCry and the subsequent Petya ransomware outbreaks are anything to go by, it’s obvious that not all users are heeding this advice, no matter how many times it is repeated.
Julia Sowells
Julia Sowells has been a technology and security professional. With a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, written technical articles, and worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm in her role as a security consultant while continuing to write for Hacker Combat in her limited spare time.