Remove Android/Lockerpin.A Ransomware from Your Mobile

In terms of security, ransomware and RATs (remote access Trojans) are a true nightmare to organizations and stand-alone users. It’s to no one’s surprise that Kaspersky Lab has defined ransomware attacks an epidemic. As pointed out by security researcher Andrey Pozhogin, no user is safe. Both the consumer and the business can become a victim of ransomware.

Moreover, ransom attacks are about to go out of hand with the rising of Android and cloud storage ransomware.

A New Version of Android/Lockerpin.A Ransom Malware

A new malicious Android attack has indeed been detected just recently. It has been spreading with the help of an adult application named Porn Droid. Once the device is infected, the user’s screen PIN will be changed, and a ransom will be demanded. The amount of the ransom is $500 and €450.

Infection Path

The new strand of Android/Lockerpin.A ransomware is distributed via applications downloaded from unsafe locations such as torrents and third-party pages. Any app out of the Google Play store may have been employed by cyber criminals to spread ransomware or other forms of mobile threats.

Once the app is installed on the device, Lockerpin.A will ask for admin rights while camouflaging as an update. As you can see, the mobile ransomware is not as innovative as one might think but is as damaging as ransomware can be.

Porno-themed schemes are not anything new, and we have seen many attempts on behalf of cyber criminals. What is more, that is not the only ‘adult’ ransomware detected in September 2015. The same ‘style’ has been observed by the security team at Zscaler. They discovered an application dubbed Adult Player, which takes images of victims and blackmails them by using their image in the ransom message.

How to Rid Your Device from Android/Lockerpin.A

Researchers point out that the only way to remove the ransom message is by booting your phone in Safe Mode and uninstalling the malicious software.

Another thing to be tried is using the Android Debug Bridge. ADB is a versatile command line tool that lets users communicate with an emulator instance or connected Android-powered device.

Once the ransomware is deleted from the device, resetting it to factory settings is still needed to rid of the ‘unknown’ PIN issue.

We have also compiled several easy-to-follow steps for mobile device users.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

---

Preparation before removal of malware.

Before starting the actual removal process, we recommend that you do the following preparation steps.

• Turn off your phone until you know how bad is the virus infection.
• Open these steps on another, safe device.
• Make sure to take out your SIM card, as the virus could corrupt it in some rare cases.

---

Step 1: Shut Down your phone to win some time

Shutting down your phone can be done by pressing and holding its power button and choosing shut down.

In case the virus does not let you do this, you can also try to remove the battery.

In case your battery is non-removable, you can try to drain it as fast as possible if you still have control over it.

Notes: This gives you time to see how bad the situation is and to be able to take out your SIM card safely, without the numbers in it to be erased. If the virus is on your computer, it is espeically dangerous to keep the sim card there.

---

Step 2: Turn on Safe Mode of your Android device.

For most Android devices, switching to Safe Mode is the same. Its done by following these mini-steps:

---

1.Turn on your device and hold the power button until you see the following menu:

---

2.Tap on Safe Mode Icon to reset your phone to Safe Mode, like shown below:

---

3.When you turn on your phone, you will see the letters “Safe Mode” written on the side, bottom or other corners of the screen. Your phone will also be in Airplane mode. This will help avoid any viruses communicating with the hacker.

---

Step 3: Eliminate the App that Your Believe is the Virus

Usually Android viruses get masked in the form of applications. To eliminate apps, follow these mini-steps:

1.Swipe down from the top of your phone and locate the Settings symbol and tap on it.

---

2.When you open the Settings menu, you should be able to locate the control center of all your App Permissions. It should look something like the following:

---

3.Now if you know which the virus or adware app is, you should locate it and tap on it:

---

4.When you enter the app, you will see two options – to Force Stop it and to Uninstall it. Make sure to first Force Stop it so that your phone is safe from any tripwire tactics of the app that may destroy it an then tap on Uninstall to remove it.

---

5.Now if you are sure that the virus or adware app is removed, you can hold the Power button and tap on Restart:

---

Step 4: Find Hidden Virus Files on Your Android Phone and Remove Them

---

1.To find hidden files manually (In case you know where the virus files are), you can use Safe Mode to go to where your Files are actually located. Usually, this is a folder, named “My Files” or something approximate to this:

2.There you should be able to locate all of your files and all of the folders:

Simply locate the virus and hold-tap on the virus file to delete it.