
A new ransomware program for Android mobile devices uses two unusual techniques against device owners.
Symantec experts who discovered the program named it Android.Lockdroid.E. It is distributed under the guise of a mobile porn app, "Porn 'O' Mania".
The application asks the user to confirm granting it administrator rights. To get that confirmation, it displays a fake window that looks like a standard application installation window. This is possible because the fake window is shown as a modal system error window (TYPE_SYSTEM_ERROR).
The installation window is placed directly over the window that requests admin rights. After the application is installed, a "Continue" button appears in the fake window, located exactly above the "Allow" button that gives the application full access to the device. Clicking "Continue" therefore results in clicking "Allow".
After obtaining full access rights, the application encrypts files found in memory, collects the browser history and copies the contact list. It then displays a message demanding payment of a ransom. The application is notably cunning here: it does not only demand money for decrypting the files. If the ransom is not paid, it also threatens to send the browser history to the owner's contacts.
The trick of drawing one window on top of another is possible in systems older than Android 5.0. If your mobile device is running a newer system, or if you install applications only from the Google Play Store, you are not at risk. However, about 2/3 of all Android devices are still running older systems and are subject to similar attacks.
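For defenders triaging sideloaded APKs, the combination described above (a system-level overlay plus a request for administrator rights) can be checked in the decoded manifest. The following is an added example, not code from Symantec or from the sample itself; it assumes the manifest has already been decoded to plain XML, that the overlay relies on the `SYSTEM_ALERT_WINDOW` permission, and the function name `triage_manifest` and both sample manifests are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
OVERLAY_PERMISSION = "android.permission.SYSTEM_ALERT_WINDOW"
ADMIN_BIND_PERMISSION = "android.permission.BIND_DEVICE_ADMIN"
ADMIN_ENABLED_ACTION = "android.app.action.DEVICE_ADMIN_ENABLED"

# Constructed sample manifest (not taken from any real app).
SAMPLE_SUSPICIOUS = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.constructed.player">
  <uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
  <application>
    <receiver android:name=".AdminReceiver"
        android:permission="android.permission.BIND_DEVICE_ADMIN">
      <intent-filter>
        <action android:name="android.app.action.DEVICE_ADMIN_ENABLED"/>
      </intent-filter>
    </receiver>
  </application>
</manifest>"""
# Same constructed manifest without the overlay permission (device-admin only).
SAMPLE_ADMIN_ONLY = SAMPLE_SUSPICIOUS.replace(
    f'<uses-permission android:name="{OVERLAY_PERMISSION}"/>', "")

def triage_manifest(manifest_xml):
    """Flag apps that can draw system overlays AND register a device-admin receiver."""
    # Stdlib parser keeps the example dependency-free; use a hardened XML
    # parser when the manifest comes from an untrusted APK.
    root = ET.fromstring(manifest_xml)
    requested = {
        el.get(ANDROID_NS + "name")
        for el in root.iter()
        if el.tag in ("uses-permission", "uses-permission-sdk-23")
    }
    admin_receivers = []
    for receiver in root.iter("receiver"):
        actions = {a.get(ANDROID_NS + "name") for a in receiver.iter("action")}
        if (receiver.get(ANDROID_NS + "permission") == ADMIN_BIND_PERMISSION
                or ADMIN_ENABLED_ACTION in actions):
            admin_receivers.append(receiver.get(ANDROID_NS + "name"))
    can_overlay = OVERLAY_PERMISSION in requested
    return {
        "package": root.get("package"),
        "can_overlay": can_overlay,
        "admin_receivers": admin_receivers,
        # Heuristic only: either capability alone is common in legitimate apps.
        "suspicious": can_overlay and bool(admin_receivers),
    }

if __name__ == "__main__":
    for sample in (SAMPLE_SUSPICIOUS, SAMPLE_ADMIN_ONLY):
        print(triage_manifest(sample))
```

A positive result is a reason for closer review of the app, not a verdict.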