An attendee poses for a photo next to Android characters during Google I/O 2016 at Shoreline Amphitheatre on May 19, 2016 in Mountain View, California. (Photo : Getty Images/Justin Sullivan)
Symantec has revealed that the upcoming Android Nougat prevents ransomware attack. The new security feature will not stop threats from setting password on devices with no existing password.
According to the official blog of the security vendor, there is a hidden code within the upcoming Android mobile operating system that will help protect the device against ransomware attacks. They pointed out that there is a change to the resetPassword API in the mobile OS that prevents at least some of the ransomwares out there from working. Any third-party app will not be able to reset the lockscreen PIN, password, or pattern, since the API can only be used to set a new one.
The new mobile OS does not have a backward compatibility, which means there is no method for the threat to escape. If the feature was present, it would have allowed the malware to reset the lockscreen password, even on newer versions of the mobile OS.
For those who do not use any passwords for their devices are at risk, according to Android Police. A well-made malware can still set an initial password all on its own, since the API only prevents attacks that will change the password.
The ransomware actually sets or resets the password, whether a PIN or a pattern, for the lockscreen of the device by calling the resetPassword API. For it to work, the application must be a device administrator.
Disinfection tools will also be affected by the new feature, since it is dependent with the API. It is a tool that is designed to help users whose devices are infected with dangerous malware. However, with the new Android mobile OS, the tools will fail since it will not be able to call the API.
The security vendor recommends Android users to keep their software up to date to strengthen its security measures. They should stop downloading mobile apps from unofficial sites, since it is most likely to have apps infected with malicious software. They should also inspect to the permissions that are requested by the apps they are downloading.
Making backups of important data were also recommended by the security vendor, but the Android device users must make sure the files are not infected. To protect their data and device, they should install a good mobile security app.
Check out the Android Nougat statue unwrapping video below:
