• A new type of ransomware targets Android devices and locks them instantly
• The attack can wipe data and use the camera to display the user live

A cybersecurity company has issued a new warning to Android phone users after detecting a new type of malicious software attack known as DroidLock, which is accurately classified as “ransomware.”

This attack immediately locks the phone, displaying a strongly worded warning stating that “failure to comply within 24 hours will result in the destruction of all files on the device.”

The ZLabs team at Zimperium confirmed that the malware has begun spreading in Spain through phishing websites, targeting mobile phone users.

The team added that the attack is not limited to threatening data alone, but can also use the phone’s front camera to display the user’s facial expressions in real time to the parties controlling the malware.

The company noted that the attack can be prevented with one simple rule: do not grant accessibility permissions to any application. These permissions are intended for apps with special needs, and if they fall into the wrong hands, they can be used to lock the device, wipe data, take photos, mute sound, and steal contacts.

Zimperium experts explained that DroidLock does not encrypt files like traditional ransomware, but it is capable of wiping the phone’s contents and changing the passcode or biometric data, preventing the user from accessing their device.

Experts warned Android users against installing apps outside the Google Play Store, stressed the importance of keeping Play Protect enabled at all times, avoiding clicking on unexpected links or attachments in messages or emails, and refraining from logging into websites through any suspicious links.