The WannaCry ransomware that was originally developed in 2017 has evolved into the WannaLocker mobile derivative. This new version has been found to be enhanced with spyware, RAT, and banking trojan capabilities. The original WannyCry variant was targeted primarily at Chinese Android device users, but the newest version is found to target Brazilian banks and their customers. The particularly nasty all-in-one ransomware capabilities include: Harvesting text information, stealing call logs, phone numbers, GPS locations, microphone audio data and stealing credit card information. Currently, it is unknown as to how the ransomware is being distributed, but researchers believe it is through malicious links or third-party app downloads. Once the ransomware is installed, it encrypts the user’s mobile files and demands a relatively small amount of money to decrypt the files. The WannaLocker ransomware appears to still be in development and could pose a very serious threat to the banking and retail sectors.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is