Severity scale:  

Remove DoubleLocker ransomware / virus (Free Guide) - Virus Removal Instructions

removal by Olivia Morelli - - | Type: Malware

DoubleLocker – a new Android virus that locks device’s screen and demands to pay the ransom

The picture of DoubleLocker ransomware virus

DoubleLocker is a ransomware-type mobile virus that aims at the Android operating system. This variant of Android virus spreads as a fake Adobe Flash update.[1] After the infiltration, it encrypts files and changes PIN lock. Then malware tries to hack victim’s bank account and demands to pay 0.0130 Bitcoins.

The significant feature of the DoubleLocker ransomware is that it is a “two-stage” malware. The first task it performs on the targeted device is hacking victim’s PayPal or bank account. Then it starts data encryption, locks the mobile and demands to pay the ransom. Therefore, it has features of the banking trojan[2] and file-encrypting virus.

According to cyber researchers, it’s a first mobile ransomware that misuses Android accessibility in this way. However, the virus is expected to be upgraded and used only for swindling the money from online banking accounts. Thus, in case of the attack, victims are advised to remove DoubleLocker immediately with Reimage or another mobile-friendly malware removal tool.

Once DoubleLocker gets inside the Android device, it requests “Google Play Services” accessibility feature. If users give this permission, malware gets administrative rights of the phone. Then it sets itself as a default home application, or in other words, launcher.

Users who installed fake Adobe Flash update does not know about this malicious activity. However, when a victim clicks the home button, he or she activates crypto-malware. Thus, the device gets locked. The problem is that DoubleLocker changes the PIN. However, victims lose access to their mobile phones.

Meanwhile, ransomware encrypts all the information stored there and demands to pay the ransom in 24 hours. Once attackers receive the money, the device is unlocked and files decrypted automatically. However, trusting attackers is not a wise decision.

Questions about DoubleLocker ransomware virus

It’s better to focus on DoubleLocker removal and restore files from backups. Hopefully, your device creates backups automatically and stores in the cloud. There’s no information that malware can encrypt files in cloud storage. Thus, get rid of malware and do not risk losing your money.

Do not install updates from unauthorized sources to avoid the attack

As we have mentioned this Android ransomware spreads as a fake Adobe Flash update on the compromised websites. Thus, you should stick to Google Play Store if you need to install some programs. Also, don’t forget that malware might bypass the security and act like a legit app. However, you should always download software from the verified developers.

Additionally, available app updates might pop up as a notification, or you can find them in the Google Play Store as well. Thus, install them only from there. Other sources distribute various types of malware.

Security experts from Sweden[3] also remind that you should be careful with other clickable content to protect from mobile malware attacks. Thus, do not click on suspicious links and ads. Moreover, do not download unknown apps or security tools promoted in pop-ups.

Tips for DoubleLocker elimination

DoubleLocker removal might be complicated if you have a non-rooted Android device. Victims can only unlock the phone by resetting the phone to factory state. Then, it’s possible to wipe out the virus with security software, such as Reimage.

If malware attacked rooted an Android phone that has enabled debugging model can take advantage of Android Debug Bridge (ADB) tool. Thus, they do not need to factory-reset phone to unlock it and remove DoubleLocker. Once the phone’s PIN is reset, victims can uninstall ransomware with a mobile-friendly security program.

do it now!
Reimage (remover) Happiness
Reimage (remover) Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to remove virus damage. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with SpyHunter.
Alternative Software
Different security software includes different virus database. If you didn’t succeed in finding malware with Reimage, try running alternative scan with Combo Cleaner.

About the author

Olivia Morelli
Olivia Morelli - Ransomware analyst

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Olivia Morelli
About the company Esolutions


Removal guides in other languages

Your opinion regarding DoubleLocker ransomware virus