DoubleLocker attacks Android devices

Android users beware: new ransomware is attacking Android gadgets
13 October 2017   1175

Developers of antivirus software from ESET have discovered the first encoder for mobile devices based on Android, which extorts ransom in bitcoins for unlocking the screen. Information about this company was published in the official blog on Habrahabr.

DoubleLocker interface
DoubleLocker interface

Malicious software called DoubleLocker is developed on the basis of a bank trojan, however it is not interested in the victim's finances.

DoubleLocker does not have the functions of collecting user's bank data and erasing accounts, instead it provides tools for extortion. Malware can change the PIN of the device, blocking victim access, and also encrypts all files in the main storage device - we first see such a combination of functions in the Android ecosystem. 

ESET team

 DoubleLocker encrypted files
Files, encrypted by DoubleLocker

DoubleLocker is distributed through compromised sites under the guise of updating or activating Adobe Flash Player. Once on the device, the malware gets the necessary permissions under the guise of enabling the false service Google Play Service.

To unlock the gadget, cybercriminals demand 0.0130 BTC (around $73 at the press time), threatening otherwise to destroy all the data after 24 hours. Nevertheless, according to the, bitcoin-wallet of DoubleLocker is still empty.

DoubleLocker wallet
DoubleLocker wallet

To get rid of DoubleLocker, ESET team recommends:

  • Unplugged device that does not have a mobile device management solution capable of resetting the PIN: the only way to get rid of the lock screen is to reset it to the factory settings.
  • Routed device: the user can connect to the device via ADB and delete the file in which the PIN-code is stored. To do this, user must enable device debugging (Settings - Developer options - USB debugging). The lock screen will be deleted and the user will get access to the device. Then, working in safe mode, the user will be able to deactivate the device administrator rights for the malware and delete it. In some cases, a reboot of the device is required.

AngularJS to Angular Migration Tools to be Released

New tools are called ngMigration Assistant and ngMigration Forum
17 August 2018   156

The JS-development team AngularJS has released two customers' "helper" - ngMigration Assistant and Forum. The tools show which migration from AngularJS to Angular is correct, how to simplify the process as much as possible and avoid mistakes.

ngMigration Assistant is a command-line tool that analyzes any AngularJS application, regardless of size, and recommends an optimal migration path. It provides statistics on the complexity, size, and patterns of an app. Based on this data, the program offers a list of clear recommendations that simplify the transition from AngularJS to Angular, taking into account the size and complexity of the code.

You can find an example of using the ngMigration Assistant for the AngularJS phone catalog application below. Using the ngma command, registered in the directory, analysis is performed and recommendations are written.

Displaying ngMigration Assitant statistics
Displaying ngMigration Assitant statistics

Initially, the tool shows statistics of the available data, and after - the stages of preparation for migration to Angular.

NgMigration Assitant Recommendations
NgMigration Assitant Recommendations

The new ngMigration Forum collects up-to-date information on migration paths and tools that provide the transition from AngularJS to Angular. ngMigration Forum is a place for sharing experiences, solving problems and asking questions.

The last update of Angular 6.1 was released in late July 2018. In Angular, support for TypeScript 2.8 and 2.9 was added, as well as the ability to configure the router to store and restore the scrolling position