FLocker Ransomware Outsmarts and Locks Smart TVs


Not only your personal computer and smartphone are prone to ransomware attacks. TrendMicro researchers just unveiled that your Android TV is also exposed to the risk of being locked and becoming unusable until a ransom is paid.

The threat, dubbed FLocker (initially detected as ANDROIDOS_FLOCKER.A and short for Frantic Locker) has been around since May 2015. Contudo, one version of several thousand variants has now been updated to attack smart TVs.

Mais Malware Android to Keep Away from

How Does FLocker’s Android Smart TV Version Infect Devices?

TrendMicro’s research doesn’t exactly indicate how a smart TV would be attacked. Contudo, it’s highly likely that the attack is triggered by SMS or malicious links.

As with other screen lockers, FLocker will lock the screen of the targeted device and will display a ransom message written in the local language. The message would be from US Cyber Police or another similar institution.

The ransomware demanded by FLocker is not in Bitcoins but in… iTunes gift cards. The ransomware operators want to receive $200 in gift cards to unlock the device. De fato, the ransomware’s actions match those of smartphone lockers.

A curious fact is that the threat will not attack devices located in any of these countries: Cazaquistão, Azerbaijão, Bulgária, Georgia, Hungary, Ucrânia, Rússia, Armênia, and Belarus. Além disso, if FLocker gets installed on a device in any of these regions, it will “stand still” for 30 minutes and then will request device admin privileges. If the request is rejected, the threat will display a fake system update screen.

Even though FLocker locks the screen of the devices, it will not encrypt any files. Não obstante, it will harvest information from (and about) o dispositivo.

How to Remove FLocker from Affected Devices

Tech-savvy users can uninstall the ransomware but not before they remove its device admin privileges.
TrendMicro’s piece of advice:

We suggest user to contact the device vendor for solution first if their Android TV gets infected. Another way of removing the malware is possible if the user can enable ADB debugging. Users can connect their device with a PC and launch the ADB shell and execute the command “PM clear %pkg%”. This kills the ransomware process and unlocks the screen. Users can then deactivate the device admin privilege granted to the application and uninstall the app.

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerenciador de conteúdo que foi com SensorsTechForum desde o início. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

limite de tempo está esgotado. Recarregue CAPTCHA.

Compartilhar no Facebook Compartilhar
Compartilhar no Twitter chilrear
Compartilhar no Google Plus Compartilhar
Partilhar no Linkedin Compartilhar
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Partilhar no StumbleUpon Compartilhar