Virus and Malware Database

Android application for creating Ransomware released in China

by

in

Ransomware is obviously a major issue in terms of virtual security and researchers and experts are still struggling to come up with effective solutions against this global problem. However, the good thing was that only few people out there had the ability to actually create a virus programs for blackmailing their victims. Unfortunately, this seems to no longer be true as a recent report from Dinesh Venkatesan, a security expert at Symantec, states that an application released by Chinese hackers is can enable anyone to create their own Ransomware virus with relative ease. The malware kit actually uses the foundations of a well-known lock-based Ransomware for Android. The Ransomware that can be created using this app does not implement the encryption method to lock the victim’s files. Instead, the malware simply locks the phone with a PIN that only the attacker would know – if the ransom gets paid, the criminal would supposedly send their victim the PIN and they’d regain access to their device.

Easy access to a malware virus

Even though there have been similar instances before, the difference in the current case is the fact that even someone who lacks any sort of knowledge on coding would still be able to effectively use the app to develop a Ransomware virus. The application works with a easy-to-use GUI and allows for several customization settings such as the ransom message that gets displayed on the victim’s device, the code that could unlock the phone, the icon of the Ransomware application and even animations that can be played on the victim’s lockscreen during the lockdown.

Once the criminal who uses the Ransomware development application is done creating the new virus, the malware would be saved as an .apk file and from then on, it’s only a matter of finding a way to distribute that file to any potential victims.

Popularity in China

So far, there seems to only be a version of the Ransomware development tool that is in Chinese even though the application has been around from the beginning of 2017 according to the report from Symantec. The main reason why this malware tool has gained significant popularity in China has to do with the fact that Android users there do not have access to the Play Store due to government restrictions. Due to this, customers are forced to resort to third-party application sources making it much more likely to stumble upon a compromised and malicious app. Apps that aren’t from Google Store are usually distributed in the .apk format which is the reason why the Ransomware development kit saves the new virus as a .ap file. Even though there might be doubt regarding the actual functionality of the malicious app, it should be noted that its developers would lose more if they made a fake software tool since that would be bad for their reputation among the cyber-crime communities. This is why, there’s high chance that this application for creating Ransomware is actually precisely what it is said to be. So far, it seems that the application is distributed as a paid product and can be found on Chinese underground hacker forums where one could apparently purchase it.

Implications

Even though it might sound quite disturbing that currently, even people who lack the technical knowledge to develop a malware virus would be able to easily create one using the malware development kit, on must bear in mind that having a virus is not the same as being able to use it. In the world of malware, creating a malicious program is only half the work. The other half is being able to distribute it which is likely where most wannabe hackers would face difficulties. Surely, the risk of having a fully functioning tool for creating Ransomware that is freely accessible by anyone should not be underestimated, yet there is no need for any unnecessary panic.

 


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *