DEVICES

Malware "threatens" to blackmail smartphones in Vietnam

Bùi Đăng MinhMonday, June 22, 202621 min read
Malware "threatens" to blackmail smartphones in Vietnam
Quang Huy
Quang Huy

(Dan Tri) - Many Android users in Vietnam report that their smartphone's screen is locked and a ransom message appears.

Malware "threatens" to blackmail smartphones in Vietnam
Malware "threatens" to blackmail smartphones in Vietnam

However, this is not real ransomware and users can handle it themselves with a few simple steps.

According to many Android smartphone users in Vietnam, in recent days a type of malicious code has appeared that can take over the entire device screen, making users unable to operate normally.

When infected with malicious code, the smartphone screen will display messages such as "Device has been hacked" or "Phone has been locked". The hacker also provides a contact phone number for the victim to buy the unlock code for a price ranging from 150,000 to 500,000 VND. Along with that is the threat that taking the device for repair could cause all data to be erased.

Even after restarting the device, the notification continues to appear, making many people mistakenly think that the smartphone has been completely controlled by hackers.

However, this is not a dangerous type of ransomware capable of encrypting data. In essence, it is a malicious application that takes advantage of the access rights granted by the user during the installation process to gain display rights on the screen.

Ransomware threatens to attack smartphones in Vietnam - 1
Some types of blackmail app notifications when taking control of the smartphone screen (Photo: TT/Van Dai).

This type of malicious code is often distributed in the form of an .apk file - an application installation format on Android. In the process of searching and downloading applications from the Internet, users may accidentally download .apk files from websites controlled by hackers.

Once installed, the app will request permissions such as displaying on other apps, controlling certain device functions, or going full screen. When the user accepts, the application will continuously display blackmail messages, creating the impression that the smartphone has been locked or compromised.

Because it is not a very sophisticated type of malware, this application does not interfere deeply with the Android system. So, users can handle it themselves without paying hackers for the unlock code.

If a smartphone's screen is hijacked after mistakenly installing a malicious application, users should boot the device into Safe mode.

In Safe mode, the system only launches default Android applications and temporarily disables third-party applications. This makes it impossible for malicious applications to start automatically and continue to take control of the screen.

To access Safe mode, users perform the following steps:

- Press and hold the power button and select "Power off" to turn off the smartphone.

Ransomware threatens to attack smartphones in Vietnam - 2

- After the device is completely turned off, press and hold the power button and volume down button at the same time. When the screen lights up, release the power button but continue holding the volume down button until the lock screen appears.

- If the operation is successful, the words "Safe mode" will appear in the corner of the screen.

Ransomware threatens to attack smartphones in Vietnam - 3
The notification shows that the smartphone is booting in Safe mode (Photo: TT).

At this point, the malicious application will no longer be launched with the system. Users can unlock the device, access the application management section to find and remove suspicious applications or recently installed applications.

After completing the uninstallation process, restart the smartphone to return to normal use mode.

In case the blackmail message continues to appear, users should reboot into Safe mode and check and remove additional suspicious applications until the device operates normally.

Note: After exiting Safe mode and restarting, some smartphones may automatically activate airplane mode, interrupting network connections and communications. Users should check and turn off this mode if necessary.

Compared to iPhones running iOS, Android smartphones are often more targeted by hackers due to the large number of users, diverse device ecosystem, and many potential security holes that can easily be exploited.

To limit the risk of becoming a victim of hackers and malware, Android users should note the following principles:

- Only install applications from trusted sources. The safest way is to download the application directly from the Google Play store.

In case you need to install applications via .apk files (for applications not released on Google Play), users should download from reputable, well-known websites. Avoid downloading .apk files from websites of unknown origin or through random search results on Google, because the risk of mistakenly downloading applications containing malicious code is very high.

Ransomware threatens to attack smartphones in Vietnam - 4
Smartphone users running Android should install applications directly from the Google Play app store to avoid being infected with malicious code (Illustration: Twitter).

Smartphone users running Android should install applications directly from the Google Play app store to avoid being infected with malicious code (Illustration: Twitter).

- Not every application that appears on Google Play is completely safe. In some cases, hackers can still bypass Google's censorship system to distribute malicious applications.

Therefore, before installing, users should refer to community reviews and comments. If the majority of comments are general, don't specifically mention app features, or come from unusual accounts, they could be fake reviews that are automatically generated to mislead users. When this is the case, you should consider choosing another more reliable application.

- Regularly update the latest Android versions and patches released by the manufacturer. These updates not only add features but also fix security vulnerabilities, helping to reduce the risk of being exploited and attacked by hackers.

Nguồn / Original source: Dân trí