Google’s latest operating system for Android, Nougat, will soon use a new condition that may help prevent ransom wares from resetting a device’s password using the reset Password API.
A recent report said, numerous dangerous malwares including Android.Lock.E variants with advanced capabilities emerged during the first quarter of 2105. All these malwares are capable of tricking the users and resetting their lock screen password used primarily to access the device. Even users who manage to remove the malware without resetting the device may be unable to use the phone because they won`t be able to get around the password the malware sets.
Research conducted by security firm Symantec showed that these ransomware malware set or rest home-screen passwords, through either a pin or pattern, by summoning the resetPassword API.
The new report said, Android Nougat will introduce a new clause or condition to prevent the invocation of resetPassword API for resetting the passwords; only setting the password will be allowed. This development will be effective in ensuring that malware cannot reset the lock screen password, as the change is strictly enforced and there is no backward compatibility escape route for the threat.
The firm said that, in spite of this, users should also be cautious of the fact that the new OS will prevent malwares from resetting the password; it won’t stop them from setting the password on devices with no existing passwords.
The flip side is that the new feature will also affect standalone disinfection utilities that are largely dependent on resetpassword API. A disinfector tool is an automated tool designed to help users to combat devices with an infected malware.
According to the report, With Android Nougat’s new restrictions, the disinfector’s ability to call that API is bound to fail. This is likely to affect a small percentage of users who use disinfectors.
Symantec has also listed a few tips to help prevent mobile threats. They are,
- Keep your software up to date
- Refrain from downloading apps from unfamiliar sites and only install apps from trusted sources
- Pay close attention to the permissions requested by apps
- Install a suitable mobile security app, such as Norton, to protect your device and data
- Make frequent backups of important data