Home / malware Android.Lockdroid.G
First posted on 07 May 2014.
Source: SymantecAliases :
There are no other names known for Android.Lockdroid.G.
Explanation :
Android package file
The Trojan may arrive as a package with the following characteristics:Package name: com.androidVersion: 1.0Name: BaDoink
Permissions
When the Trojan is being installed, it requests permissions to perform the following actions:Start once the device has finished booting.Open network connectionsAllow the use of PowerManager WakeLocks to keep the device's processor from sleeping or the screen from dimming Check the phone's current state
Installation
Once installed, the application will display a blue icon with a white and blue circular logo.
Functionality
The malicious app must be installed manually by the user before the Trojan can perform any activities.
When the Trojan is executed, it connects to the following remote locations:[http://]police-strong-mobile.com[http://]mobile-policeblock.com[http://]police-secure-mobile.com[http://]police-scan-mobile.com[http://]police-mobile-stop.com[http://]police-guard-mobile.com
The Trojan then displays a message that claims that the mobile device has been locked. The Trojan's message demands payment, claiming that the device will be unlocked once the money has been received. However, the device is not locked from use and the files are not encrypted.
The Trojan provides a way for users to pay the ransom demand.Last update 07 May 2014
