A new Android banking malware dubbed LokiBot can trigger ransomware capabilities when a victim tries to remove the malware from their infected device.
According to a Tripwire report , some of the additional features of LokiBot include the ability for attackers to read a victim’s SMS messages and also send out spam email to infect other users.
The malware can also upload browser histories to a command and control (C&C) server as well as conduct overlay attacks on targeted banking applications.