Remove Simple Locker Ransomware for Android and Restore Your Phone

by Ventsislav Krastev | March 8, 2016 | 0 Comments

The latest in Android ransomware, called “Simple Locker” is essentially a lockscreen type of malware that affects all types of devices. The malware may infect users via spam e-mails offering new applications which are in fact the malicious files themselves. The ransomware also features a scareware message that “convicts” users into crimes they did not commit and asks for paying “fee” in return for the access of their device. All users, whose mobile devices were affected by this ransomware are strongly advised to plug out their SIM cards and follow the instructions after this article.

On this page:

Simple Locker Ransomware Distribution Simple Locker Ransomware In Detail Remove Simple Locker Ransomware from Your Mobile Device

Name	Simple Locker
Type	Ransomware, RaaS
Short Description	SimpleLocker locks the user out of his device and demands a payment. The Ransomware may be encountered on Android devices as well as other mobile OSs.
Symptoms	Access to apps and files is locked and a ransom message is displayed. Instructions are included.
Distribution Method	Distribution method is not clear yet. SimpleLocker may be distributed via malicious apps, etc.
Detection tool	Download Advanced anti-malware tool, to See If Your System Has Been Affected By Simple Locker
User Experience	Join our forum to discuss Simple Locker.
Data Recovery Tool	Windows Data Recovery by Stellar Phoenix Notice! This product scans your drive sectors to recover lost files and it may not recover 100% of the encrypted files, but only few of them, depending on the situation and whether or not you have reformatted your drive.

Simple Locker Ransomware Distribution

This lockscreen malware may use fake app downloads through malicious emails sent out to the user’s account. The email subjects may be connected with something the user is likely to tap on, for example:

“New version of your game.”
“New PayPal app.”
“The mobile app you subscribed for.”

After downloading the app, and starting it, it locks the user’s screen displaying the ransom message.

Simple Locker Ransomware In Detail

As soon as simple locker has been activated it may immediately lock down the screen of the user. After it locks down your screen, you may enter the main menu of your phone but the app will open the ransom message seconds after your action.

The message itself is written in Russian, but directly translated, it means the following:

→ “Attention! Your phone has been blocked! The device has been blocked for the distribution of child pornography, zoophilia, and other sick things. To unlock your phone, you need to pay 900 hryvnias.
1.Find a payment fulfillment terminal, located in your proximity.
2.In it, locate Money.
3.Enter
4. Input 260 hryvnias and tap on ‘Pay’
Do not forget to take your receipt! After the payment has been conducted your device will be unencrypted in 24 hours. IN CASE, YOU HAVEN’T PAYED YOU WILL LOSE ALL THE DATA ON YOUR DEVICE FOREVER!”

This locking of the screen is particularly bad in case you have saved your contacts or important files on your phone, because the Ransomware may block it in case you connect via USB to your computer. It is a clear sign of the ever increasing spread of ransomware infections across different devices with operating systems. This is especially scary when we put into perspective “the internet of things”, while looking towards the future.

Remove Simple Locker Ransomware from Your Mobile Device

So far, we have encountered Simple Locker only on Android devices. However, this does not exclude the possibility that this ransomware may also be spread throughout Apple devices and Windows mobile ones as well.

Since removing Simple Locker may erase your data, we have suggested several methods to do it effectively and safely in case you have an Android or Apple device in the step-by-step instructions below.

1. Back up the data on your device

Back up the data on your phone

CAUTION! Before attempting any removals and drive formatting on your device, you should know that it is essential to save all your important contacts and files from your phone. There are several methods to backup your files:

Method I: Using online backup software or a memory card if the device supports it.

Method II: Connecting to another device and copying the data directly.

This is a bit risky option since the device may have malware on it. This is why, first you need to enter the device’s Safe Mode:

For RAZR Droid Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.

2.Switch the phone on.

3.You should see a Motorola Dual Core screen appearing. You should press and hold the Volume up, and Volume Down keys on the side of the smartphone. Hold them until the lock screen shows up with ‘Safe Mode’ written in the lower corner.

For HTC Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.

2.Turn on your phone while simultaneously holding down the Menu Button. When it starts, keep pressing the Menu Button until you see ‘Safe Mode’ menu appearing in the lower corner.

For Nexus devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Turn on the phone.
3.When the welcome Logo Screen shows up, hold the trackball while pressing it until a lock screen shows up, or you see ‘Safe Mode’ written in the bottom corner.

For Other Motorola Devices:

1.Switch off the smartphone and remove the battery for a few seconds then plug it back in.
2.Hold down the Menu Button after you press it while turning on the phone. When it boots, hold the button down upon seeing the lock screen or feeling the phone vibrate.

For Moto G Devices:
1.Press the Power Button and hold it on until the list with options pop-up.
2.Hold the Power off button and wait for a ‘Reboot to Safe Mode’ option to appear.
3.Tap it and let the phone reset.

For Samsung Galaxy Devices:

1.While the device is on, hold down the Power Button and wait for the Options List.
2.Wait for a ‘Restart to Safe Mode’ option to appear.
3.Choose this setting. The device will restart.

For Apple Devices:

1. While your device is locked, hold down the Power Button and the Home Button until you see a white Apple logo.
2. Once you see the logo, let go from those buttons and start holding the Volume Up button. (Give it a little time to boot up)
3. Now the phone should boot in Safe Mode without any third-parties running.

And now it is time to proceed by doing the actual backup:

Apple iOS

1. Connect your device and select it in iTunes.
2. From the Backups section go to Manually Back Up and Restore and tap on Back Up Now.

Android

1. Connect your device via USB to a computer and select Use as a Media Device. You may also see use as file transfer option.
2. Go to your phone from My Computer and copy all the files you need.
3. If the phone has an option to install its drivers onto your computer, select it and install them since this will simplify the process of copying your contact list on your computer.

2. Hard-reset your device and remove Simple Locker

Hard-Reset Your Smartphone

For Apple iPhone and iPad Devices:

Option I: Via the device

1.Back up your data using iCloud or another backup method.
2. Go to the Settings menu and go to General.
3. On the bottom, tap on Reset.
4. Tap on Erase All Content and Settings.
5. Confirm it by tapping on the red Erase button and then type your password.

Option II: Via iTunes

1. Connect your device and open iTunes.
2. Click on the device‘s name and model to open the dialog box.
3. From there, click on the button “Restore”

For Android Devices:

After you have backed up your files, you should perform a clean wipe-out of your phone. This can happen either via one of the options in Safe Mode or by entering your device’s Recovery Mode. Several methods exist in order to enter Recovery Mode of your device:

For Nexus Devices: – Hold the Volume Down + Volume Up + Power button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option. Nexus 4 may work with Volume Up + Power + Volume Down.

For Samsung Devices: – Hold the Volume Up + Power Button + Home Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset option.

For Motorola Droid X Devices: Hold the Home Button + Power Button until a Recovery menu appears. After that, you should select the Wipe Data/Factory reset setting.

For other devices with camera buttons on them: Hold the Volume Up + Camera Button until a Recovery Menu appears. After this, you should choose the Wipe Data/Factory reset option.

Also in case you have backed up your device in a Google Account, you will be able to restore your data after a complete wipe-out by just logging into your Google Account with you email and password.

3. Restore missing or corrupt files using special file restoration software

Restore Missing or Corrupt Files

1. Connect your phone via a USB cable. You should see it in “My Computer”
2. Use different file recovery software to scan for and recover the files in its drive. Examples of programs we have tested are provided below:

Ventsislav Krastev

Ventsislav is a cybersecurity expert at SensorsTechForum since 2015. He has been researching, covering, helping victims with the latest malware infections plus testing and reviewing software and the newest tech developments. Having graduated Marketing as well, Ventsislav also has passion for learning new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management, Network Administration and Computer Administration of System Applications, he found his true calling within the cybersecrurity industry and is a strong believer in the education of every user towards online safety and security.