Microsoft warns against new ransomware attack on smartphones

by Sinziana Mihalache
Sinziana Mihalache
Sinziana Mihalache
Sînziana loves getting people to better understand products, processes, and experiences beyond a simple user guide, either in writing or making use of images. She joined the team... read more
Affiliate Disclosure
  • Microsoft Defender Research Team has discovered new ransomware threatening Android phones.
  • MalLocker.B takes over Android phones in two ways. Read below to find more details.
  • In the Privacy section, we bring you the best software to protect all your devices from cyber-attacks.
  • Find everything about the latest security breaches in the Security Hub on our website.
new android ransomware

To fix various PC problems, we recommend Restoro PC Repair Tool:
This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues and remove viruses now in 3 easy steps:

  1. Download Restoro PC Repair Tool that comes with Patented Technologies (patent available here).
  2. Click Start Scan to find Windows issues that could be causing PC problems.
  3. Click Repair All to fix issues affecting your computer's security and performance
  • Restoro has been downloaded by 0 readers this month.

Mobile ransomware is the latest security danger known in the industry, and although it’s not new, it keeps evolving.

In a recent security report, the researchers in the Microsoft Defender Team warn against new ransomware tricks used on Android smartphones.

[…] We found a piece of a particularly sophisticated Android ransomware with novel techniques and behavior, exemplifying the rapid evolution of mobile threats that we have also observed on other platforms. […]The new variant caught our attention because it’s an advanced malware with unmistakable malicious characteristic and behavior and yet manages to evade many available protections, registering a low detection rate against security solutions.

This new ransomware type is called MalLocker.B and just like any other malware version, it can be caught from random websites or can come disguised as popular third-party apps, cracked games, or video players.

How does the new ransomware version behave?

MalLocker.B ransomware

Unlike other ransomware attacks that abuse permission requests or launch annoying pop-up windows, the new techniques involve blocking the user on the home screen or on the details of an incoming call.

More specifically, first, the attack uses a call notification to get the user’s immediate attention.

At this point, one might tap on the call and the malware will show a window that covers the entire screen with details about the incoming call.

Then, the attack uses the onUserLeaveHint() function, which is triggered when the user wants to push back an app to open a new one and might go to the Home screen.

As the report shows, these tricks don’t trigger cascading windows that can make the user suspicious, and so the attack can continue at ease.

The full code of the attack is explained in the mentioned report.

These are new tricks and as a result, MalLocker.B has been included in the list of attacks monitored by Microsoft Defender for Endpoint on Android.

What’s your intake on this topic? Share your opinion with us in the comments below.

Still having issues? Fix them with this tool:


If the advices above haven't solved your issue, your PC may experience deeper Windows problems. We recommend downloading this PC Repair tool (rated Great on to easily address them. After installation, simply click the Start Scan button and then press on Repair All.

This article covers:Topics: