Cybercriminals no longer need any coding experience to be able to make money extorting others. According to Symantec researchers, there is a new Android app spreading on Chinese underground forums allowing wannabe cybercriminals to create custom ransomware without having to write a single line of code.
Creating Ransomware with an Android app
The user-friendly app can be downloaded for free from Chinese hacking discussion boards. It is essentially a Trojan Development Kit (TDK) app that comes with an easy-to-use interface. Unlike other Android apps, its purpose is to allow users to quickly create custom ransomware.
Dinesh Venkatesan, principal threat analysis engineer at Symantec, stated, “The entire process of creating a ready-to-use piece of malware is done on a smartphone without any requirement to write a single line of code.”
According to Symantec’s blog post, all users need to do in order to create their own custom ransomware is fill out a form detailing its customizations and click a few buttons. Soon enough, a fully functional Android ransomware will be created.
Notably, when users hit the “create” button, they are asked to subscribe to the service if they have not already. The app then allows the user to schedule an online chat with its developer so that a one-time payment can be arranged. Once the payment is made, the user is subscribed and can go on creating as many ransomware variants as possible.
Although the app’s goal is to help cybercriminals extort people, the ransomware created using the app does not actually encrypt victims’ files. Instead, it locks victims out of their devices with a password that only the cybercriminal knows.
Customization options, according to Venkatesan, include the key used to unlock the device, the icon used by the malware, the type of animation displayed on the infected device, and the message the infected device will display on its screen.
The app is only available to Chinese speakers for now. Researchers point out that changing its interface language would be fairly simple to do, and that if the app were to become popular among Chinese-speaking wannabe cybercriminals, we might soon see these language options expanded. Although the app makes it easy for wannabe cybercriminals to start extorting people with their own custom ransomware, Venkatesan noted that it could also be useful for experienced cybercriminals. He stated:
“However, these apps are not just useful for aspiring and inexperienced cyber criminals as even hardened malware authors could find these easy-to-use kits an efficient alternative to putting the work in themselves. We expect to see an increase in mobile ransomware variants as these development kits become more widespread.”
Anyone unlucky enough to download ransomware created through this app is likely going to have to pay in order to regain access to the device. To mitigate this threat, researchers point out that users should refrain from downloading apps from unfamiliar websites, pay attention to permissions requested by any app, and keep their software up to date.
It is also important to use security apps that protect devices against malware, and frequently back up important data. If you use cryptocurrency wallets on your device, remember to write down your private keys.