Android users, beware, as new mobile ransomware has emerged, which utilizes the mechanisms behind the incoming call notification and the Home button of your devices.

The MalLocker.B ransomware is cleverly hidden in Android apps offered on online forums and other websites.

Much like a lot of Android ransomware strains, this new one does not lock the user’s files, but it does prevent access to the rest of the device.

Once the ransomware kicks in, it takes over the device’s screen and displays a non-dismissable ransom note that looks like a message from law enforcement threatening the user that they have committed a crime and is required to pay a fine.

These types of ransomware have existed and evolved for years and have mostly targeted Android devices.


With the MalLocker.B, it abuses the incoming call notification. Instead of showing the call notification, it will fill up the screen with the ransom note.

It also abuses the “onUserLeaveHint()” function. This feature works when users press the Home or Recents button to push the app in the background. With MalLocker.B, pressing the said buttons will bring the ransom note to the foreground and prevent users from going anywhere in the interface.

But the thing is, this kind of ransomware can be easily avoided. Just don’t download apps from sketchy sources such as third-party sites and online forums to stay safe. You can read Microsoft’s full report to learn more about it.

Leave a comment

Your email address will not be published. Required fields are marked *