This article is contributed. See the original author and article here.

Microsoft researchers found a sophisticated Android malware that uses novel techniques to display its ransom note. The new malware, the latest variant of variant of a ransomware family that’s been in the wild for a while but has been evolving non-stop, exemplifies the rapid evolution of mobile threats that we have also observed on other platforms. Read our technical analysis here: Sophisticated new Android malware marks the latest evolution of mobile ransomware.




Microsoft Defender for Endpoint on Android detects this ransomware (AndroidOS/MalLocker.B) as well as other malicious apps and files using cloud-based protection powered by deep learning and heuristics, in addition to content-based detection. Microsoft Defender for Endpoint on Android, now generally available, extends Microsoft’s industry-leading endpoint protection to Android. Learn more about our mobile threat defense capabilities in Microsoft Defender for Endpoint on Android.


Threat data from endpoints are combined with signals from email and data, identities, and apps in Microsoft 365 Defender, which orchestrates detection, prevention, investigation, and response across domains, providing coordinated defense. Microsoft Defender for Endpoint on Android further enriches organizations’ visibility into malicious activity, empowering them to comprehensively prevent, detect, and respond to against attack sprawl and cross-domain incidents.

Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

%d bloggers like this: