There are many types of malware and millions of users are losing money because of their naivety or lack of interest to protect their devices better. Many don’t install an anti virus program because they don’t think it’s necessary, but they’re leaving their phones exposed to malicious software and cry with crocodile tears when they realize that they’ve been tricked to install lockscreen ransomware. This type of malicious software takes over the device and the user is forced to send money to attackers to unlock his phone and retrieve the files that have been encrypted. Google has introduced a code in its upcoming Android Nougat OS which will protect users against these attacks.
Security vendor and researcher Symantec was the one who discovered the code hidden within Android Nougat, and researcher Dinesh Venkatesan has explained that Google has changed resetPassword API in order to prevent ransomeware from working. According to Symantec, resetPassword API will only set the password, but it won’t change it, so third-party app will no longer be able to reset the lockscreen PIN, password, or pattern.
Last year, there was a ransomware called Android.Lockdroid.E that displayed a “system error” and users were prompted to “reset the lockscreen password used to access the device.” This ransomware made many victims and users tried to get rid of it using disinfector tools. “Even users who manage to remove the malware without resetting the device may be unable to use the phone because they won’t be able to get around the password the malware sets,” said Symantec on its blog.
However, hackers will not stop and will improve their malicious software to get around this fix and they will rely mostly on rooted devices, which are more vulnerable to security risks. Symantec has also indicated that the change in resetPassword API will affect a small amount of users who installed disinfectors.