Header Ads








A new version of the "FLocker" Ransomware has now the ability to infect and lock down your Smart TVs

After targeting hospitals, universities, and businesses, Ransomware has started popping up on Smart TV screens.

Using multiple devices that run on one platform makes life easier for a lot of people. However, if a malware affects one of these devices, the said malware may eventually affect the others, too. This appears to be the case when we came across an Android mobile lock-screen ransomware, known as “FLocker,” that is capable of locking smart TVs as well.


A new version of the Frantic Locker (better known as FLocker) Ransomware has now the ability to infect and lock down your Smart TV,Smartwatch, Smart fridge, or any Internet-connected smart device until you pay up the ransom.


Researchers at Trend Micro have discovered the updated version of FLocker that is capable of locking Android smartphones as well as Smart TVs.


Originally launched in May 2015, the FLocker ransomware initially targeted Android smartphones with its developers constantly updating the ransomware and adding support for new Android system changes.


Here's what the new version of FLocker does to your Android-powered Smart TVs:
  • FLocker locks the device's screen.
  • Displays a fake notice from United States Cyber Police or other law enforcement agency, accusing potential victims of crimes they did not commit.
  • Demands $200 worth of iTunes gift card as Ransom to unlock the infected TV.
  • Trend Micro says the malware is configured to deactivate itself in some regions including Russia, Bulgaria, Hungary, Ukraine, Georgia, Kazakhstan, Azerbaijan, Armenia, and Belarus.



However, if FLocker detects devices outside these countries, the malware will wait for 30 minutes before requesting admin privileges for the device. If the victim rejects the request, FLocker freezes the screen, faking a system update.

"The C&C [command and control] then delivers a new payload misspelled.apk and the ‘ransom’ HTML file with a JavaScript (JS) interface enabled," Trend Micro said. "This HTML page has the ability to initiate the APK installation, take photos of the affected user using the JS interface, and display the photos taken in the ransom page."

Although the new variant of FLocker does not encrypt files on the infected device, it has the capability of stealing data from the device, including contacts, the phone number, device information and location data.
Trend Micro's report does not make it clear that how FLocker infects smart TVs, but it does note that typically ransomware infection arrives via SMSes or malicious links.



Therefore, you should be wary while browsing the Internet, and receiving text messages or emails from unknown sources.


How to Remove FLocker from Your Smart TV?
Moreover, if your Android smart TV gets infected, you should contact the device vendor (phone carrier or TV merchant), or if you are kind of technical, you can remove the ransomware after removing its device admin privileges.


"Users can connect their device with a PC and launch the ADB shell and execute the command 'PM clear %pkg%'," Trend Micro said. "This kills the ransomware process and unlocks the screen. Users can then deactivate the device admin privilege granted to the application and uninstall the app."


For securing mobile devices, we advise installing security software in their smart devices to protect it from malicious apps and threats. Trend Micro Mobile Security and Trend Micro Mobile Security Personal Edition protects users from this ransomware and other related threats. Trend Micro Mobile Security Personal Edition is available on Google Play.
 

This isn't the first time when ransomware has targeted Smart TVs. In the past, it was evident how smart TV got attacked with the ransomware also Internet of Things devices being remotely controlled by the attacker.
 



source: Trend Micro,




No comments

blogmytuts. Powered by Blogger.