Black Rose Lucy is a Russian Malware-as-a-service and a dropper that gathered your device data and now it has come back in the form of ransomware. This malware group came into limelight in September 2018 after the discovery of Check Point. Now the same researcher is claiming that Lucy has returned and this time it will attack Android users and demand for ransomware.
Android users with a little technical knowledge can be fooled easily and launch the malware in their device via MAAS. This malware family aka MAAS contains a Lucy Loader via which they can remotely control the affected devices and put additional malware and a Black Rose dropper to target the Android smartphones.
With the Lucy loader attackers have a sneak peek of the geo-locations of the affected smartphones its botnet. After it allows the attackers to upload the malware to the dashboard and then push the gadget on the botnet as per the requirements of threat attackers.
Checkpoint research discovered that the malicious script is now coming with additional features like its ransomware elements, full control on your Android device, and the ability to install additional malware.
Your smartphone can infect with this malware via social media networks and Android apps via URLs. The victim gets a ransom note that indicates him/her to pay $500 find by giving their credit card information.
If you want the full-fleshed technical guide on how Black Rose Lucy functions then you have to check the Checkpoints’ note uploaded on their blog.