Security research firm Symantec is now claiming that one of the many onboard features of Android Nougat will be able to crack the whip on ‘Ransomware’. For those unaware with the term, this is a malware which would gain authoritative access on your phone to lock itself by resetting your password. The affected customers would then be forced to pay a hefty fee in order to unlock their device again. Although the cases are not as common as other malware attacks, Ransomware is a legitimate problem for Google and the Android platform.
Keeping this in mind, it only makes sense for Google to nip this issue from the source, thus not leaving any scope for Ransomware to seep through Android’s defenses. Symantec mentions that Google is no longer allowing devices to reset the device password using the “resetPassword” API. A simple change, but a crucial one nonetheless.
One caveat here is that this new change will only protect those with a lock screen password already present. Those without a lock code will still be vulnerable to Ransomware as it will be able to set new passwords, but resetting old passwords will be impossible. So in order to keep your device from being attacked, it is suggested that users get a lock screen password. It is also safe to stay away from apps that you might find on suspicious sites.
Further explaining how this would work, Symantec’s Dinesh Venkatesan said “This development will be effective in ensuring that malware cannot reset the lock screen password, as the change is strictly enforced and there is no backward compatibility escape route for the threat. Backward compatibility would have allowed malware to reset the lock screen password even on newer Android versions.”
Also Read: New Android Malware ‘Hummingbad’ Supposedly Affecting Millions Of Devices