A fresh variant of a sophisticated Android ransomware known as MalLocker locks up mobile devices. The malware uses never-before-seen techniques that make use of certain Android features. Microsoft researchers say the new variant is an important discovery because the malware exhibits behaviors that have not been seen before and could open doors for other malware to follow. Attackers create this scenario to persuade users to pay the ransom so they can gain back access to the device, researchers said. The ransom note is hooked to a special permission called SYSTEM_ALERT_WINDOW . The malware overrides the onUserLeaveHint() function.
Source: https://threatpost.com/android-ransomware-home-button/160001/