New ‘DroidLock’ Android Malware Locks Users Out, Spies via Front Camera

Zimperium zLabs reveals DroidLock, a new Android malware acting like ransomware that can hijack Android devices, steal credentials via phishing, and stream your screen via VNC.

A new mobile threat is allowing remote attackers to hijack Android devices, turning phones into surveillance tools and locking users out of their own data.

Cybersecurity researchers at the mobile security firm Zimperium’s zLabs discovered the campaign, dubbed DroidLock, which is currently targeting Spanish users through fake and malicious phishing sites.

Vishnu Pratapagiri, Zimperium’s security researcher and report author, noted that the malware acts much like ransomware (software that locks your device and demands payment), designed to perform “total takeover” of a victim’s device.

Once someone is tricked into installing it, DroidLock uses fake system update screens and other deceptive techniques to display a full-screen warning that pressures the victim to contact the attackers.

How the Hijacking Works

According to Zimperium ...