An orange cat making a funny face this is what victims of El Gato (cat) ransomware see when their Android phones have been infected by this virus. McAfee labs researchers from its mobile division have seen that this virus’ is controlled remotely and it aims to make an android device no longer to be useful unless the victim pays a provided ransom payment. In addition to this El Gato has also been reported to have an infostealing ability allowing it to steal text messages and other information. In case you have been infected by El Gato ransomware, we strongly advise you to read this article thoroughly and learn how to clear your device from El Gato ransomware and try to get your files back.
|Type||Android Malware/ Lockscreen/Ransowmare|
|Short Description||The El Gato Android ransomware locks the files of Android devices, displays a lockscreen, steals information and may send SMS from it.|
|Symptoms||Locked screen displaying a cat.|
|Distribution Method||Malicious third-party apps or malicious URLs.|
|Detection Tool|| See If Your System Has Been Affected by El Gato |
Malware Removal Tool
|User Experience||Join our forum to Discuss El Gato Ransowmare.|
|Data Recovery Tool||Windows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.|
El Gato – How Does It Spread
So far, El Gato is in early stages of development and researchers have spotted it, which means that it is less likely to spread massively yet. However, if it is to be widespread, this may happen via several different methods:
- Malicious URLs opened on the device’s web browser.
- Malicious apps installed from a third-party app provider other than Google Play store.
El Gato Ransomware – More Information
Upon infection, El Gato ransomware, may perforom several malicious activities on the device. For starters, the virus connects remotely to the cyber-criminals’ C&C servers. From there, they assume a remote-control like access enabling them to use the many features of the El Gato virus.
One of its “extras” is primarily associated with locking the screen of users and possibly displaying an image of a funny and cute cat. However, there is nothing cute about this virus. The access can be blocked by adding a lockscreen to the device which can be done by modifying the screensaver.
Not only this, but the creators of El Gato ransomware also have the ability to steal information from the infected device. They can obtain text messages, system information, contact information.
Besides stealing such I formation, DigitalTrends researchers report that El Gato virus also has the capability of sending text messages from it’s victims phones.
Besides those, probably the worst feature of the phone is that it may eventually pose a grave threat to your data as well. The El Gato virus has the ability to encrypt user files as well, making decryption that is direct almost impossible.
After encryption, the El Gato virus may generate a randomly made password, different for every infection and the attacker may demand a different payment and methods of payment, for example 1 BTC via Tor networking or payment via SMS to a remotely operated and automated short messaging service.
Remove El Gato Ransowmare from Your Android Device
Removing this virus may be a tricky thing, especially if it has encrypted your files. This is why we advise you to try and enter the safe mode of your phone, connect it to a computer and copy the files onto it. In case the files on your phone are encrypted and important to you, you should first determine the type of encryption algorithm used. Then use the appropriate decryptor.
We have prepared the instructions below that will surely help you to get rid of this ransomware from your device. We strongly advise you to try and access your files and copy them somewhere else before attempting this removal.