Thursday 26 October 2017

This ransomware can 'permanently' lock your Android


An Android ransomware dubbed DoubleLocker can lock a victim's phone by changing the device's PIN, and it encrypts all the data stored on the device. This makes it nearly impossible for victims to access their data without paying a ransom.

According to researchers, this ransomware is distributed via fake Adobe Flash Player apps spread through compromised websites. The ransomware asks the victim to grant administrative permissions, which it then uses to activate the device's admin rights and set itself as the default home application.

Whenever the user taps the home button, the ransomware is activated and the device is locked once more. The user is unaware that the malware is activated each time the home button is pressed.

The ransomware encrypts all data stored on the device with the AES encryption algorithm, which means that, in theory, there is no way to decrypt the files without receiving the decryption key from the attackers.

The ransomware encrypts all files in the device's primary storage directory using the AES algorithm and gives them the ".cryeye" extension. There is no way to recover the files without the encryption key.

Usually, the ransom to be paid within twenty-four hours is 0.0130 BTC ($54), which is around Rs 4,000.

After WannaCry and Petya, malware developers have now hit Android with a new strain of ransomware. In the case of DoubleLocker, hackers have used the best and simplest way to trick users, i.e. social engineering. Humans are the weakest link in cyber security, and hackers have leveraged this weak link to compromise Android devices.


The central reason why DoubleLocker is deadly is that it grants itself device administrator permissions (generally used by antivirus and lost-phone apps). This permission gives the attacker complete remote control of the device, including options such as remote lock, wipe, locate, ring and change passwords.


Prevention, on the other hand, is very straightforward: think before you click! Users are advised not to click on pop-ups that ask them to install plugins or extra software. More importantly, read carefully the permissions you are granting an app. Never give device administrator permission to an application, even when downloading from the official store, unless you are completely sure that you want to give the app owners complete remote access to your device.
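As an added example (not part of the original post and not DoubleLocker's own code), the following Python sketch audits a decoded AndroidManifest.xml for the two capabilities described above: a device administrator receiver and an activity that can become the default home application. The sample manifest, its package name and its class names are constructed for illustration; the permission, action and category strings are the standard Android ones.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample of a decoded AndroidManifest.xml (as apktool would emit);
# the package and class names are hypothetical.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.flashupdate">
  <application>
    <activity android:name=".Launcher">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.HOME"/>
        <category android:name="android.intent.category.DEFAULT"/>
      </intent-filter>
    </activity>
    <receiver android:name=".AdminReceiver"
              android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""


def audit_manifest(xml_text):
    """Flag components that can become device admin or the home app."""
    root = ET.fromstring(xml_text)
    admins, homes = [], []
    for receiver in root.iter("receiver"):
        actions = {a.get(ANDROID + "name") for a in receiver.iter("action")}
        bound = receiver.get(ANDROID + "permission") == "android.permission.BIND_DEVICE_ADMIN"
        if bound and "android.app.action.DEVICE_ADMIN_ENABLED" in actions:
            admins.append(receiver.get(ANDROID + "name"))
    for activity in root.iter("activity"):
        cats = {c.get(ANDROID + "name") for c in activity.iter("category")}
        if "android.intent.category.HOME" in cats:
            homes.append(activity.get(ANDROID + "name"))
    return {
        "package": root.get("package"),
        "device_admin_receivers": admins,
        "home_activities": homes,
        # Both together is the combination the article describes.
        "suspicious": bool(admins and homes),
    }

if __name__ == "__main__":
    print(audit_manifest(SAMPLE_MANIFEST))
```

Either capability alone is common in legitimate apps (launchers, lost-phone tools); the flag is raised only when one package declares both, which is worth a manual review before installation.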


Prevention is better than cure: back up your data frequently, as paying the ransom is not a guaranteed solution. Even if you pay the demanded amount, there is no assurance that the hackers will keep their promise and decrypt your files.