New Android ransomware targets smart TVs
It seems like you can’t go more than a few days lately without hearing about another ransomware attack. Sometimes it’s just regular folks getting hit by the scammers, but it can also be hospitals, universities, and businesses. Now, a new version of the Frantic Locker (or FLocker) Android ransomware has started popping up that goes after more than your phone or tablet. The new FLocker can lock down your TV until you pay up. And no, it doesn’t care that Game of Thrones is on.
FLocker has existed for a while now — it’s actually very well-maintained by ransomware standards. The developer is constantly updating the package and adding support for new Android system changes. In a new version of the malware, the owners added support for Android-powered smart TVs.
Weirdly, FLocker won’t work on Android devices that are in Kazakhstan, Azerbaijan, Bulgaria, Georgia, Hungary, Ukraine, Russia, Armenia, or Belarus. The first thing it does when reaching a new system (you have to install it somehow) is check its location. If it’s not in one of those countries, it attempts to install a command and control system on the smartphone or TV. Android has more security measures than your average Windows PC, believe it or not. In order to take control of your system, it needs administrator access. This is where the Android ransomware diverges from PC ransomware.
Because we’re not dealing with an encrypted volume, it is possible to fix the FLocker ransomware yourself. You’ll need a computer with the Android developer tools running. Using an ADB command, you can kill the malware process that’s locking the screen, then go into the settings and revoke its administrator access. That’s not an overly technical process, but you need to already have ADB debugging enabled on your device. If that’s not possible, you’ll have to factory reset. That may or may not even be an option on your TV, so Trend Micro suggest contacting the manufacturer.
Source : extremetech