Remove Android/Lockerpin.A Ransomware from Your Mobile

In terms of security, ransomware and RATs (remote access Trojans) are a true nightmare to organizations and stand-alone users. It’s to no one’s surprise that Kaspersky Lab has defined ransomware attacks an epidemic. As pointed out by security researcher Andrey Pozhogin, no user is safe. Both the consumer and the business can become a victim of ransomware.

Moreover, ransom attacks are about to go out of hand with the rising of Android and cloud storage ransomware.

A New Version of Android/Lockerpin.A Ransom Malware

p12_0000

A new malicious Android attack has indeed been detected just recently. It has been spreading with the help of an adult application named Porn Droid. Once the device is infected, the user’s screen PIN will be changed, and a ransom will be demanded. The amount of the ransom is $500 and €450.

Infection Path

The new strand of Android/Lockerpin.A ransomware is distributed via applications downloaded from unsafe locations such as torrents and third-party pages. Any app out of the Google Play store may have been employed by cyber criminals to spread ransomware or other forms of mobile threats.

Once the app is installed on the device, Lockerpin.A will ask for admin rights while camouflaging as an update. As you can see, the mobile ransomware is not as innovative as one might think but is as damaging as ransomware can be.

Porno-themed schemes are not anything new, and we have seen many attempts on behalf of cyber criminals. What is more, that is not the only ‘adult’ ransomware detected in September 2015. The same ‘style’ has been observed by the security team at Zscaler. They discovered an application dubbed Adult Player, which takes images of victims and blackmails them by using their image in the ransom message.

How to Rid Your Device from Android/Lockerpin.A

Researchers point out that the only way to remove the ransom message is by booting your phone in Safe Mode and uninstalling the malicious software.

Another thing to be tried is using the Android Debug Bridge. ADB is a versatile command line tool that lets users communicate with an emulator instance or connected Android-powered device.

Once the ransomware is deleted from the device, resetting it to factory settings is still needed to rid of the ‘unknown’ PIN issue.

We have also compiled several easy-to-follow steps to remove Android ransomware from affected devices.

Step 1: Boot Your Smartphone into Safe Mode:

android-safe-mode

For RAZR Droid Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.

2.Switch the phone on.

3.You should see a Motorola Dual Core screen appearing. You should press and hold the Volume up, and Volume Down keys on the side of the smartphone. Hold them until the lock screen shows up with ‘Safe Mode’ written in the lower corner.

For HTC Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.

2.Turn on your phone while simultaneously holding down the Menu Button. When it starts, keep pressing the Menu Button until you see ‘Safe Mode’ menu appearing in the lower corner.

For Nexus devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Turn on the phone.
3.When the welcome Logo Screen shows up, hold the trackball while pressing it until a lock screen shows up, or you see ‘Safe Mode’ written in the bottom corner.

For Other Motorola Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Hold down the Menu Button after you press it while turning on the phone. When it boots, hold the button down upon seeing the lock screen or feeling the phone vibrate.

For Moto G Devices:
1.Press the Power Button and hold it on until the list with options pop-up.
2.Hold the Power off button and wait for a ‘Reboot to Safe Mode’ option to appear.
3.Tap it and let the phone reset.

For Samsung Galaxy Devices:

1.While the device is on, hold down the Power Button and wait for the Options List.
2.Wait for a ‘Restart to Safe Mode’ option to appear.
3.Choose this setting. The device will restart.

After you have backed up your files, you should perform a clean wipe-out of your phone. This can happen either via one of the options in Safe Mode or by entering your device’s Recovery Mode. Several methods exist in order to enter Recovery Mode of your device:

reboot-system

For Nexus Devices: – Hold the Volume Down + Volume Up + Power button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option. Nexus 4 may work with Volume Up + Power + Volume Down.

For Samsung Devices: – Hold the Volume Up + Power Button + Home Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option.

For Motorola Droid X Devices: Hold the Home Button + Power Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset setting.

For other devices with camera buttons on them: Hold the Volume Up + Camera Button until a Recovery Menu appears. After this, you should choose the Wipe Data/Factory reset option.

Also in case you have backed up your device in a Google Account, you will be able to restore your data after a complete wipe-out by just logging into your Google Account with you email and password.

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.

More Posts - Website

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.