Don't have coding skills? No worries, you can still be a cyber criminal - if that has always been your dream job... Malware developers have created an Android app that makes it possible for anyone to create ransomware with a push of a few buttons. This DIY ransomware toolkit takes the difficulty out of ransomware development, giving criminals a fully working Android ransomware in a matter of a few minutes by filling in a form.
This Android ransomware development kit is being advertised on underground hacking forums and on Chinese social media platforms. Those interested can pay a one-time fee to get access to this Trojan Development Kit (TDK) app which can be used to create file locking apps for an Android phone.
Security researchers who recently spotted this easy to use DIY Android ransomware toolkit said that "the entire process of creating a ready-to-use piece of malware is done on a smartphone without any requirement to write a single line of code."
How does this DIY Android ransomware kit works
Any interested wannabe cyber criminal can buy this toolkit to easily get their own ransomware up and running in just a few minutes. The app comes with simple instructions that involve filling out forms with the customization options, including what message does the cyber criminal want to display on the infected device, the icon that would be used by the malware, type of animation, and the key to unlock the device.
Dinesh Venkatesan, Symantec's Android security expert, said that the app has been available since the start of this year. Venkatesan added that he spotted various ransomware strains generated by this app, as this app appears to build ransomware strains on the basis of the Lockdroid ransomware family.
These strains do not encrypt files and simply just lock the user device with the key that attacker decides during the process.
While these kits have been spotted previously too, this is probably the first instance that requires absolutely zero coding or technical skills to generate a fully weaponized Android APK file infected with the DIY app user's ransomware. Researchers warn that while so far it has only been spotted in the Chinese markets, modifying it to build ransomware in other languages wouldn't take much long, if it hasn't already been done.
"Even hardened malware authors could find these easy-to-use kits an efficient alternative to putting the work in themselves," Venkatesan said. "We expect to see an increase in mobile ransomware variants as these development kits become more widespread."