Older versions of Android are particularly susceptible to malware attacks


Security researchers at Blue Coat labs have discovered that drive by attacks are possible on older Android devices. Devices running versions 4.0 to 4.3 of the Android OS can be hijacked through an exploit known as towelroot, which can give root access to the device. Android version 4.4 is also vulnerable, though the particular exploit used is unknown.

The malware Cyber.Police, is an outdated version of ransomware. Cyber.Police does not encrypt the data on the phone, and the personal files can still be accessed by connecting the phone to the computer. Cyber.Police however blocks any other app from running on the phone and demands payment in the form of two $100 iTunes gift cards. iTunes gift cards are not anonymous and untraceable, as is the case with digital cryptocurrency such as bitcoin or litecoin. iTunes gift cards can be tracked, but can function as a currency for long periods of time between hackers.

The attacks are sophisticated as the installation of the malware does not need any authentication or permissions from the users. In the lab test by the researchers at Blue Coat, the application installed itself without any interaction from a user at all. The ransomware infected the device via a piece of Java script code that ran from an advertisement on a pornographic website.

If infected by Cyber.Police, the ransomware can be removed from the phone with a factory reset. Updating the phone to the latest version of Android, does not remove the malware from the system.