DoubleLocker mainly spreads as a fake Adobe Flash Player application downloadable through compromised websites. Once installed on the victim’s device, it requests activation of the accessibility service called “Google Play Service,” which allows it to gain administrator rights and set itself as the default Home application, without the user’s consent.

Read full news article on SecurityWeek