Android Nougat prevents malware from resetting device passwords: Symantec

The upcoming version of Android introduces a new condition so the “resetPassword” API cannot be used to reset a device’s password. The change impacts both ransomware and disinfectors

Android Nougat will ensure that ransomware or malware are unable to reset the device password, reports the Symantec Official Blog. According to the blog, Android introduces a new condition where the “resetPassword” API cannot be used to reset a device’s password, and it will affect both ransomware and disinfectors.The security firm points out that Android.Lockdroid.E, a ransomware that emerged in 2015 would scare victims with “system error,” and then “reset the lockscreen password used to access the device.”

“Even users who manage to remove the malware without resetting the device may be unable to use the phone because they won’t be able to get around the password the malware sets,” notes the blog. But in Android Nougat, “the resetPassword API” will only be used to set a password, and not reset it, says Symantec.

The firm also says the change in Android N is “strictly enforced,” and there is no backward compatibility thus preventing malware from resetting the password on newer versions of Android.
However the setting will also affect disinfector tools, which are used to get rid of malware on Android. The security firm says, this will impact only a small percentage of users who use disinfectors.

AndroidSymantec
Comments (0)
Add Comment