Android mobiles face a new threat. A ransomware that is distributed by internet forums and applications attacks mobile phones when users press the start button on the screen. Microsoft has alerted of a new ransomware in the network. This cyber attack locks the screen of mobile phones when users activate the home button or answer a call. It’s called AndroidOS / MalLocker.B and it’s being distributed over the network. Ransomware is often characterized by attacking and encrypting the victim’s documents and then demanding a ransom for them. However, this virus will directly block the phone completely with a fake message so that they are forced to pay. When using the screen, the ransomware activates, leaving it locked so that it is not possible to avoid the cybercriminal’s message. This message pretends to be an email from the police saying that we have broken the law and that we must pay a fine. This example is provided in Russian in Microsoft’s information. Although ransomware attacks are nothing new, Microsoft points out that MalLocker.B’s mechanism of action is highly innovative. In addition to using the home button or call notification (two functions that are used very often) to attack the system and lock the phone, it also abuses the “onUserLeaveHint ()” function. This function is used on mobiles to switch from one application to another. We send the app we are using at that moment to the background and open another one. It is a very normal resource, but blocking it prevents users from dismissing the ransomware warning asking for money and continuing to use the phone. This ransomware is the latest variant of a malware family that has gone through several stages of evolution: “The long history of this ransomware family tells us that its evolution is far from over,” Microsoft explains in its statement. If you are looking for a safe and quality coronavirus map, which is updated in real time along with the most relevant news from reliable sources, one of the best is Bing’s Covid-19 Tracking Map, coordinated by Microsoft. Microsoft warns that MalLocker.B is spreading over the network and its main source of spread is unknown applications that are downloaded and installed from third-party websites and forums. That is, if you have an Android mobile and you want to install an application, go to the Google Play Store and make sure it is from a known and safe source. It is also important to have a good antivirus that keeps up with these new forms of attack. Microsoft has updated its recently released Defender tool in a mobile version to detect and remove this new ransomware.