BEING a good listener is normally considered an admirable quality in a person. It is, however, lethal for a smartphone if found in a piece of malicious software (malware), according to Symantec Corp.
The cyber-security firm recently alerted users to the latest variant of the Android ransomware threat “Android.Lockdroid.E”, which Symantec described as “a great listener”.
According to Symantec, the threat uses a speech-recognition application program interface (API) and requires its victims to speak an unlock code instead of the traditional method of typing it in.
“Once Android.Lockdroid.E infects a device it locks the user out using a ‘System’ type window and then displays a ransom note,” Symantec said in a statement. “The ransom note is written in Chinese and gives instructions on how to unlock the device.”
According to Symantec, the note provides a QQ—software service developed by Tencent Holdings Ltd.—instant messaging ID to contact in order to receive further instructions on how to pay the ransom and receive an unlock code.
“Since the user’s device is locked, another device must be used to contact the cyber criminals behind the threat.” Symantec explained the malware uses third-party speech recognition APIs and compares the spoken words heuristically with the expected passcode. If the input matches up, the malware removes the lockscreen.
“For some cases, the recognized words are normalized to accommodate any small degree of inaccuracies that an automated speech recognizer is bound to.”