This is a ransomware discovered by security researchers from the well-known security company ESET and is the first software rescue abusing the accessibility feature of Android, so implementing alternative ways of interacting with a mobile device.
These accessibility services are being abused by other types of malicious attacks such as bank Trojans or adware, but you have never seen anything like DoubleLocker.
DoubleLocker, a malware that encrypts the data and changes the Device Pin
It has its roots in a banking malware and should be mentioned that cybercriminals began to spread this malicious code as part of a fake Adobe Flash update via compromised websites and applications.
Once the victim has launched the tool, it requests the activation of the accessibility service and once the malicious code has obtained these permissions, it uses them to activate the administrator rights of the device and configure itself as the Home application without the consent of the user.
This way every time the user clicks the start button, the ransomware get activated and the device gets locked again, so thanks to the use of the accessibility service, the user does not know that it launches malware by pressing the mentioned Home Button.
The first thing DoubleLocker does is to change the access PIN to a random value that neither scammers know nor they store anywhere. At the same time, all files get encrypted using the AES encryption algorithm for each file.
At the moment the encryption process has no errors, which makes it impossible to recover the files without receiving the encryption key of the criminals, which is about $75, the payment that must be completed in less than 24 hours.
Therefore, as always, the best way to protect our device is to install applications only from trusted stores such as Google Play and always pay attention to the “reputation” of the developers.
So, if you liked this article then simply do not forget to share this article with your friends and family.