CYBER.POLICE: a ransomware for an Android
Android users should wake up from the slumber since an Android-based ransomware called the CYBER.POLICE virus has been recently released. Ransomware viruses have been ravaging through the computers and tablets while the smartphone users could feel relatively safe. Unfortunately, it seems that cyber criminals have finally noticed this new niche and have come up with ways to exploit it.
CYBER.POLICE virus is an especially concerning threat because it does not need any additional interaction from the user to install on the device. In fact, this rogue program is downloaded through malicious advertisements, which are usually displayed on some obscure websites. In other words, you simply have to visit a webpage featuring this ad and it will be automatically installed on your Android OS. The security experts note that it is the first recorded instance of a mobile virus infecting the devices independently. Even if your device is protected with some antivirus utility, it does not guarantee that it will be able to detect this threat. In fact, the studies show that most of the time CYBER.POLICE manages to slip through the protection undetected. This malicious application uses Towelroot tool to hijack the devices, and its first appearance was detected already in the December of 2015. However, the new technique that this virus uses to take over devices was established only in February 2016.
Once in the system, the virus will lock the smartphone’s screen and display a message, supposedly received from the NSA agency, explaining that the device has been locked due to illegal activities, in particular, browsing on illegal websites. In the message, the user is demanded to pay a fine within 72 hours and is threatened with legal processes if the fine is not paid over an indicated period. It is interesting that the ransom must be paid in $200 USD worth of Apple iTunes gift card codes. However, it is unlikely that paying the money will be able to unlock the phone. Luckily, if you are a user of newer Android versions, such as Lollipop or Marshmallow, you are safe from this virus as CYBER.POLICE only attacks versions 4.0.3 to 4.4.4. If you suddenly encounter this notification on your smartphone screen do not panic. We have the CYBER.POLICE removal instructions prepared at the end of this article. However, if your mobile device is still virus-free and you want to find out how to keep it that way, you will find some recommendations below.
How can this Android ransomware be avoided?
Since the virus installs on the device automatically, you can never be sure when exactly it will hit. Also, tools which would block such an attack do not exist yet. So you are left with three options:
- Obtain a newer Android device. Some of the older Androids do not receive software updates anymore, so they will always remain vulnerable. Purchasing a newer product will ensure that the security features are always up-to-date, and viruses like these have no chance of infiltrating your device.
- If you do not wish to purchase a newer device, you must put some effort in protecting your data yourself. The best way to avoid suspicious advertisements like these is to avoid visiting obscure websites and choose only the legitimates and acknowledged ones instead.
- Install the newest version of the Google Chrome browser application. The newer versions of the app have a built-in technology for blocking potentially dangerous sites, so you will be protected from visiting sites where malicious ads may appear.
- Finally, make regular backups of your files and keep them on your computer or some other external storage, out of the cyber criminals’ reach.
CYBER.POLICE removal instructions:
Unfortunately, there is no known way of unlocking the devices as the CYBER.POLICE settle in. The best you can do is clear up your device from malicious files. CYBER.POLICE removal may seem impossible having in mind that the screen of your device is locked. However, you can still use factory reset. Remember, all the data you have on your device will be deleted after the factory reset. Here are the factory reset instructions for the Samsung users, though the sequence of actions may vary through different devices:
- Turn off your device
- Press-hold the Power button, Volume Up button and Home key simultaneously
- Release the Power button when you see a Samsung logo on the screen
- In the Android system recovery screen, navigate to wipe data/factory reset option using the Volume buttons.
- Press the Power button again to confirm the factory reset option.
Following these steps should help you remove CYBER.POLICE virus from your device and allow you to use your device and store new data on it safely again.