The scum of the internet aka cybercriminals have resorted to yet another ransomware tactic, and this time, instead of asking for payments in bitcoins, they'd rather users given them iTunes gift cards. Using a vulnerability found on older versions of Android, Dogspectus — a malware — locks users' devices, leaving no other option.
Blue Coat, a leading cybersecurity firm, reported on its blog that the malware prevents other apps from launching or running in the background and also ensures that it is the first thing that loads if the device is restarted.
Blue Coat intentionally infected a Samsung tablet running CyanogenMod 10 version of Android 4.2.2 by loading a webpage containing a malicious ad that automatically downloaded the malware without notifying the user.
Blue Coat noted that the Android devices that haven't been updated or won't be receiving updates are most susceptible, singling out Android version 4.x .
Once installed, the malware, or rather ransomware, locks the user's device down and asks that they purchase iTunes gift cards worth $200, giving users the flexibility to choose between two $100 cards or four $50 cards (how thoughtful).
Blue Coat reports that with the strain that had infected their device it was still possible to connect to a PC and transfer all important data from the internal memory as well as the microSD card. With regard to how the ransomware can be removed, it adds a factory reset that deletes all installed information and returns the device to the same state it was in when purchased would be the only option.
Urging users to back their data up on a separate device in case of such threats in the future, Blue Coat advices that using more up-to-date browsers as opposed to the in-built one would prove to be a safer option.