Criminals with no coding know-how can create Android ransomware from their mobiles, thanks to the rise of freely available and easy-to-use Trojan Development Kits (TDKs).
The free TDK apps are now readily available from hacking forums and via advertisements on social network messaging services, according to research by Symantec principal threat analysis engineer Dinesh Venkatesan.
“The app, which has an easy-to-use interface, is no different from any other Android app apart from the fact that it creates malware. To generate the malware, all the user needs to do is choose what customization they want by filling out the on-screen form,” Venkatesan said.
“The entire process of creating a ready-to-use piece of malware is done on a smartphone without any requirement to write a single line of code.”
TDKs began emerging earlier this year, with the most recent spotted by Symantec last week, the company said.
Having downloaded the app, users simply select from a range of options to customize their malware, including: the message to be displayed on the locked screen of the infected device; the key to unlock it; custom mathematical operations to randomise the code; and icons and animations to display on the victim’s device.
They then hit ‘create’ and are asked to subscribe to the service, after which they can make as many variants of the ransomware as they desire. The app also allows an online chat with its developer to arrange a one-time payment.
Once paid for, the malware is created and stored in external storage “in ready-to-ship condition”, Venkatesan said.
“It is then up to the user how they want to spread their newly created ransomware. Anyone unlucky enough to be tricked into installing the malware will end up with a locked device held to ransom,” he added.
At present, all of the TDKs analysed by Symantec researchers have been aimed at Chinese speakers, with different language versions expected to be available soon.
“The emergence of easy-to-use malware development kits such as these lowers the bar for aspiring cyber criminals wanting to enter the ransomware game. Individuals with little technical knowledge can now create their very own customized Android ransomware,” Venkatesan said.
“However, these apps are not just useful for aspiring and inexperienced cyber criminals as even hardened malware authors could find these easy-to-use kits an efficient alternative to putting the work in themselves. We expect to see an increase in mobile ransomware variants as these development kits become more widespread.”