1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Malvertising: Exploit Kit pushes Ransomware to Android devices

Discussion in 'CSO' started by RSS, Apr 25, 2016.

  1. RSS

    RSS New Member Member

    It isn't Ransomware in the traditional sense, as there's no encryption, but Android devices are being targeted by malware that hijacks mobile advertisements to scam gift cards, researchers at Blue Coat Labs discovered.

    The Ransomware, called Dogspectus by Blue Coat, holds the device in a locked state where it can't be used for anything other than to make payment. In this case, the demands are $200 in iTunes gift cards. Blue Coat Labs researchers discovered the attack after a tablet running CyanogenMod 10 / Android 4.2.2 viewed a malicious advertisement.

    The malicious ad installed the payloads silently with no user interaction. This was possible because the Exploit Kit managing the campaign used a previously leaked Hacking Team exploit (lbxslt) to deliver an Android exploit (Towelroot), which in turn installs the Ransomware.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page