The days of needing the coding skills of an accomplished hacker to build malware are over, at least if news from Symantec is true. The antivirus and cybersecurity company recently reported the existence of a Trojan Development Kit (TDK) that allows anyone to create Android ransomware—no coding skills required.
This latest TDK can be found on hacking forums and even in social media advertisements in China. All the cyber criminal has to do is download and install the APK, and they’re ready to build ransomware. The process itself is simple: just specify a ransom message, an unlock key, the ransomware’s app icon, mathematical operations to randomize the code, and an animation to be shown on the infected Android device.
After the person using the no-code builder finishes specifying these few simple options, they are prompted to subscribe to the app, which they can do with a one-time payment to the developer. Once the payment has been made, the purchaser is free to create as many custom ransomware variants as they want. Then all the cyber criminal has to do is distribute them.
Once a consumer is unlucky enough to have it installed on their device, the app-created ransomware acts just like Lockdroid, a ransomware that has been around since 2014. So while the app-generated ransomware isn’t anything new, it’s still a threat for Android devices that aren’t kept up to date or that lack an anti-malware app.
Currently, this TDK seems to be aimed at Chinese-speaking audiences. However, it would be relatively simple to change the language of the interface.
So now a criminal with just a little tech know-how can start their own ransomware racket.
AdSecure’s Mathieu Derval advises:
In order to combat this type of threat, I recommend that consumers with Android devices ensure that they keep their OS up to date and apply the latest patches as soon as they are available. Android users should avoid rooting their device, because that makes it much easier for malware to execute the commands it needs to install itself. Ensure an antivirus app is installed and never download an attachment from a sender or website you can’t completely trust, and finally, never install apps from outside the Google Play store.