Professional Documents
Culture Documents
Flocker Mobile Ransomware Crosses To Smart TV: Home Categories
Flocker Mobile Ransomware Crosses To Smart TV: Home Categories
Flocker Mobile Ransomware Crosses To Smart TV: Home Categories
Search:
Home
Categories
Featured Stories
The latest variant of FLocker is a police Trojan that pretends to be US Cyber Police or another law
Recent Posts
enforcement agency. It accuses potential victims of crimes they didnt commit. Then, it demands
200 USD worth of iTunes gift cards. And based on our analysis, there are no major differences
between a FLocker variant that can infect a mobile device and one that affects smart TVs. Below
are our analysis of FLockers routines.
To avoid static analysis, FLocker hides its code in raw data files inside the assets folder. The file
it creates is named form.html and looks like a normal file.
Ransomware 101
Popular Posts
Flashlight App Spews Malicious Ads
FLocker Mobile Ransomware Crosses to Smart TV
Unsupported TeamViewer Versions Exploited For
Backdoors, Keylogging
Will CryptXXX Replace TeslaCrypt After
Ransomware Shakeup?
ZCRYPT Crypto-ransomware Attacks Windows 7
and Later, Scraps Backward Compatibility
Latest Tweets
Error: Rate limit exceeded
Stay Updated
Email Subscription
Your email here
Subscribe
Figure 3. Encrypted code classes.dex (top) and decrypted code form.html (bottom)
When launched for the first time, FLocker checks whether the device is located in the following
Eastern European counties: Kazakhstan, Azerbaijan, Bulgaria, Georgia, Hungary, Ukraine, Russia,
Armenia and Belarus. If the device detects that it is located in any of these locations, it deactivates
itself.
If FLocker reaches a compatible target, it waits for 30 minutes after infecting the unit before it runs
the routine. After the short waiting period, it starts the background service which requests device
admin privileges immediately. We consider it as a trick to bypass dynamic sandbox. If the user
denies this request, it will freeze the screen faking a system update.
Related Posts:
Learning from Bait and Switch Mobile Ransomware
Android-based Smart TVs Hit By Backdoor Spread Via Malicious App
German Users Hit By Dirty Mobile Banking Malware Posing As PayPal App
Chinese-language Ransomware SHUJIN Makes An Appearance
ENTERPRISE
SMALL BUSINESS
CONSUMER
Tags:
android
mobile ransomware
FOR BUSINESS
Smart TV
SECURITY INTELLIGENCE
Europe, Middle East, & Africa Region (EMEA): France, Deutschland / sterreich / Schweiz, Italia, , Espaa, United Kingdom / Ireland
Privacy Statement
Legal Policies