We recently discussed how Android devices are more prone to malware attacks because of their vast user base. Researchers have now found a piece of malware in circulation on Android devices. Once the malware is installed, the device is bricked, with a warning message displayed on the screen. The message floats on the home screen, on top of the phone icons.
The message blocks access to the device's functions and leaves your device unusable. This is ransomware, a type of malware that takes over the user's system and asks for a ransom to restore the system to normal.
The malware, named Android.Trojan.Koler.A, is installed on the device automatically while the victim is browsing a porn website. If the user is in the US, the warning claims to be from the FBI, although it is not, which scares the victim.
The malware also claims to encrypt all the user's data and says it will release the data only after a payment of $300 is made to an anonymous, untraceable account. The payment methods used for these accounts do not allow the beneficiary to be traced.
The warning message displayed on the screen also shows the victim's geolocation, which leads the victim to believe that the message is authentic. Reports also claim that the installed malware shares the device's IMEI number with rogue servers.
This malware belongs to the scareware family and acts as ransomware that banks on the victim's fear. The fear of having broken the law, and of having their house raided by their country's federal investigating agency, is enough to push the victim into paying the ransom.
Defense against the Android Malware:
As discussed earlier, the malware is installed without the user knowing about it. The best defense against such activity is to download your apps from trusted sources. Yes, you are right, the malware installs without any notification, so you just need to disable a setting on your device. Go to System Settings -> Security and disable “Unknown Sources – Allow installation of non-Market apps”. Disabling this setting disallows installations from sources other than the Google Play store.
Android Malware Removal:
This is the good news, but again it depends on how swiftly you move. The ransomware screen disappears for a few seconds when you press the home button. If you are fast enough, you can use that time to uninstall the BaDoink app (the app that installs the malware).
You can also remove it by booting the phone into safe mode, which is a diagnostic mode on Android devices too. The method can differ between Android versions and updates.
However, you can rely on two methods:
1) Method 1
- Press Power button to ‘Power Off’ or ‘Restart’.
- Restart if you have powered off the device.
- Hold ‘Volume down’ button while the device boots up.
2) Method 2
- Long press the ‘Power Off’ button.
- Press ‘OK’ to reboot device into Safe Mode.