DroidLock Android Ransomware Targets Spanish-Speaking Users
Summary
Hide ▲
Show ▼
A new Android malware named DroidLock has been discovered, which locks victims' screens and demands a ransom. The malware can also access text messages, call logs, contacts, audio recordings, and erase data. It targets Spanish-speaking users and is distributed through malicious websites promoting fake applications. The malware gains control via VNC sharing and can steal device lock patterns through screen overlays. DroidLock does not encrypt files but threatens to destroy them unless a ransom is paid within 24 hours. It can also change the lock code to deny access to the device. The malware is distributed via a dropper that installs a secondary payload containing the actual malware, requesting Device Admin and Accessibility Services permissions to perform fraudulent activities.
Timeline
-
10.12.2025 23:53 1 articles · 2h ago
DroidLock Malware Discovered Targeting Spanish-Speaking Android Users
DroidLock malware has been discovered, which locks Android devices and demands a ransom. The malware can access sensitive data and erase files. It is distributed through malicious websites promoting fake applications and gains control via VNC sharing. The malware does not encrypt files but threatens to destroy them unless a ransom is paid within 24 hours.
Show sources
- New DroidLock malware locks Android devices and demands a ransom — www.bleepingcomputer.com — 10.12.2025 23:53
Information Snippets
-
DroidLock can lock screens, access sensitive data, and erase data from Android devices.
First reported: 10.12.2025 23:531 source, 1 articleShow sources
- New DroidLock malware locks Android devices and demands a ransom — www.bleepingcomputer.com — 10.12.2025 23:53
-
The malware targets Spanish-speaking users and is distributed through malicious websites promoting fake applications.
First reported: 10.12.2025 23:531 source, 1 articleShow sources
- New DroidLock malware locks Android devices and demands a ransom — www.bleepingcomputer.com — 10.12.2025 23:53
-
DroidLock gains control via VNC sharing and can steal device lock patterns through screen overlays.
First reported: 10.12.2025 23:531 source, 1 articleShow sources
- New DroidLock malware locks Android devices and demands a ransom — www.bleepingcomputer.com — 10.12.2025 23:53
-
The malware does not encrypt files but threatens to destroy them unless a ransom is paid within 24 hours.
First reported: 10.12.2025 23:531 source, 1 articleShow sources
- New DroidLock malware locks Android devices and demands a ransom — www.bleepingcomputer.com — 10.12.2025 23:53
-
DroidLock is distributed via a dropper that installs a secondary payload containing the actual malware.
First reported: 10.12.2025 23:531 source, 1 articleShow sources
- New DroidLock malware locks Android devices and demands a ransom — www.bleepingcomputer.com — 10.12.2025 23:53
-
The malware requests Device Admin and Accessibility Services permissions to perform fraudulent activities.
First reported: 10.12.2025 23:531 source, 1 articleShow sources
- New DroidLock malware locks Android devices and demands a ransom — www.bleepingcomputer.com — 10.12.2025 23:53