Google is upping the ante with security protocols on Android. The upcoming version, Android N, is going to stop ransomware from resetting a device’s password, claims security firm Symantec. According to the firm, a new condition has been added Android N’s code, which prevents ransomware from using the resetPassword API. Symantec noted that the API on Android Nougat can only be used to set a password, but can’t be used to reset the same. This would prevent ransomware to reset lock screen passwords on phones powered by Android Nougat.
However, Symantec noted that while malware will not be able to reset your device password, it can still set a password. Also, the firm wrote that this new feature would affect disinfector utilitites. “The new feature will also affect standalone disinfection utilities, which also depend on the “resetPassword()” API. A disinfector utility is an automated tool designed to help users whose devices are infected with malware. The disinfector not only should clean the malware but also reset the arbitrary password set by the threat during its infection routine. Before Android Nougat, the disinfector calls the resetPassword() API to achieve this functionality. However, with Android Nougat’s new restrictions, the disinfector’s ability to call that API is bound to fail. This is likely to affect a small percentage of users who use disinfectors,” wrote Symantec employee, Dinesh Venkatesan, in a blog post.
Ransomware has been a growing threat for Internet connected devices over the past few years. For the uninitiated, ransomware is a kind of malware that holds the users’ data hostage, asking for money to be paid in order to regain the same. It does so by changing access passwords on devices that are infected.