67% of Android users might become victims of Lockdroid ransomware
Lockdroid ransomware (Android.Lockdroid.E) is a variant of Android ransomware which spreads as a Trojan horse. Malware hides in the porn app “Porn ‘O’ Mania” which can be download from the third-party sources. This application was created to take control over the attacked Android device. It tricks users into giving the admin rights by using fake package installation. When malware gets what it wants, it starts encrypting files on the attacked smartphone or tablet. Apart from that Lockdroid virus can also lock the device, change PIN code or even delete all users’ data. Google authorities claim that none of the 1000 victims have installed this application from Google Play. According to Google, users who have Google Play installed on their devices are protected by Verify Apps even if they decide to download apps from other sources. However, according to Symantec, 67% of Android users were at risk. Malware uses clickjacking technique to attack devices that run Android 5.0 (Lollipop) or newer versions of the operating system. After the attack, victims must perform Lockdroid removal immediately to get back access to the smartphone and rescue their data. We highly recommend scanning the device with Reimage after the attack.
After downloading this app on the device, malware shows a fake “Package Installation” window. The process does not differ from ordinary app installation. Hence, users click “Continue” button thinking that they are installing necessary components. However, this button hides something serious. When the button is clicked, the Lockdroid virus shows an “Unpacking the Components” dialogue which makes the process look legitimate. Then malware shows the last dialog called “Installation is Complete.” It’s the last step to get admin rights and full access to the device. To trick victims to give privileges, the malware uses a TYPE_SYSTEM_ERROR window which is delivered on the top of the device activation dialog. Therefore, the “Continue” button is actually an “Activate” button. As you can see, Lockdroid ransomware uses a sophisticated social engineering technique to trick users and gain administrator rights. This cyber infection can cause data loss and lead to various privacy-related issues. If you haven’t encountered it, you should take all precautions to avoid it. However, if you got infected, you should scroll down to the end of this article and learn how to remove Lockdroid from the device.
How is this malicious app being distributed?
Android ransomware along with all its variants (Android.Lockdroid.E virus included) mostly spread via fake or Trojanized apps. These apps are often distributed via third-party websites and other sources that are not reliable. Sometimes malware manages to bypass Google Play security; however, it rarely happens. Google monitors all new applications distributed via Google Play, and all malicious apps are eliminated. However, developers of the malware started using social engineering techniques and infecting smartphones or tablets by tricking users into giving the admin rights. As you already know Lockdroid hijack might occur when you install adult-themed application called “Porn ‘O’ Mania.” It goes without saying that you must stay away from it. We want to point out that you can encounter many similar malicious applications from various online sources. Therefore, you should not use shady third-party sources for downloading new apps. Always rely on Google Play and read reviews from the users. It will help to learn about the application and make a decision whether it’s worth installing or not. What is more, you should strengthen your smartphone’s security with security software.
Guidelines for Lockdroid removal
We recommend starting Lockdroid removal with scanning your device’s system. For that, you need to install malware removal software such as BullGuard Mobile Security or mobile version of Reimage. Also, you can try following these steps to remove Lockdroid malware and recover the system:
1. Reboot your smartphone into Safe Mode:
- Press Power button until you see a menu. In the menu tap Power off.
- In the received dialog window you will be suggested to reboot your device to the Safe Mode. Select this option and tap OK.
If this method does not work follow these steps:
- Turn off and turn on the device.
- When your smartphone is active, press and hold Menu, Volume Down, and Volume Up buttons together. Hold until you see Safe Mode.
2. When in Safe Mode, remove Porn ‘O’ Mania and other suspicious applications from the device:
- Go to Settings -> Apps (or Application manager).
- In the list look for the malicious applications and uninstall them.