Hidden code in Android Nougat will stop ransomware from resetting lockscreen passwords. Ransomware is one of the nastier types of malicious software that which compromised millions of devices – both mobiles and PCs. When a ransomware attacks a device : it locks down either specific files or an entire machine until the user sends money to a shady, untraceable online account and most of the people pay ransom in order to regain access to their devices.
According to security vendor and researcher Symantec, there is a hidden code in Android Nougat that will help protect against these kinds of attacks. In a recent blog post researcher, Dinesh Venkatesan pointed out a change to the resetPassword API that should prevent at least some of the nastier ransomware from working.
Specifically, this change means that the API can only be used to initially set the password, and not to reset it. It means that there’s no way for a sneaky third-party app to reset the lockscreen PIN, password, or pattern – that API can only be used to set a new one on a previously wide-open device.
How does the malware reset the password ?
Take Android.Lockdroid.E, for example. The malware resets an Android user’s lockscreen password/PIN/pattern after scaring victims with a system error GUI. It does so by invoking the resetPassword() method as long as the calling application is a device administrator.
As a result, even victims who are able to remove the malware from their devices might not be able to gain access to their phones without a factory reset.
How hidden code in Android Nougat prevent this?
The upcoming Android version, known as Android Nougat, will introduce a condition so that the invocation of the resetPassword API can only be used to set the password and not to reset the password.
Researcher Dinesh Venkatesan explains: “This development will be effective in ensuring that malware cannot reset the lockscreen password, as the change is strictly enforced and there is no backward compatibility escape route for the threat. Backward compatibility would have allowed malware to reset the lockscreen password even on newer Android versions. With this change, there is no way for the malware to reset the lockscreen password on Android Nougat.”
Like most things in life, there are a few caveats, however. The condition won’t prevent malware from setting a password on a device with no existing password. The feature will also get in the way of disinfectors, automated tools which clean malware off of infected devices.
Symantec recommends users to protect their devices with some form of password when you first set up your new device. They should also download applications only from trusted developers and install an up-to-date anti-virus solution onto their devices. Also, recommends close attention to the permissions requested by apps and frequent backups of important data.