Severity scale:  
  (67/100)

LeakerLocker ransomware virus. How to remove? (Uninstall guide)

removal by Lucia Danes - - | Type: Malware
12

LeakerLocker – Android malware that was spotted spreading in Google Play

The image of LeakerLocker ransomware virus

LeakerLocker is a new variant of Android ransomware that has been spotted spreading via two apps in Google Play store – “Wallpapers Blur HD” and “Booster & Cleaner Pro.“ This mobile malware[1] cannot encrypt files but threatens to leak sensitive victim’s information if she or he does not pay a ransom of $50 in 72 hours.

LeakerLocker virus locks device’s screen and delivers a pop-up window as soon as the user downloads one of the infected apps. It says that malware contains this information that will be sent to each phone and email contact if criminals won’t receive a “modest ransom” within the deadline:

  • Personal photos;
  • Contact numbers;
  • Send and received SMS;
  • Phone calls history;
  • Facebook messages;
  • Chrome visits history;
  • Full email texts;
  • GPS location history.

Crooks claim that all the personal data was transferred to their secure cloud. Thus, deletion of the LeakerLocker ransomware won’t protect personal files and data. However, these words might be just a threatening tactic used by cyber criminals in order to get as many ransoms as possible. Therefore, you should not rush click “Procceed” button and make the transaction.

No one knows if crooks copied your files, if they can publish this data or if they keep their words once they receive the ransom. The research has shown that malware can access particular data by communicating with its Command and Control (C&C) server. However, the situation does not seem as crooks want to make you believe.

What is more, even if you pay the ransom, they might ask for more money later. Therefore, demanded $50 might be just the beginning of swindling your money. Thus, it’s better to remove LeakerLocker from the Android device and hope for the best.

LeakerLocker removal requires not only uninstalling malicious apps but checking the system for other suspicious components. This task might be complicated, so we suggest automatic elimination option using mobile-friendly security software, for instance Reimage.

Two malicious apps were available on Google Play store

This version of Android virus spread via two apps in the official store:

  • Wallpapers Blur HD;
  • Booster & Cleaner Pro.

Researchers announced about these apps and Google removed them. However, they might spread in unofficial download websites or stores. Since McAfee research team discovered LeakerLocker,[2] these malicious apps were already downloaded thousands of times.

According to the analysis, “Wallpapers Blur HD” was downloaded 5,000 – 10,000 times. Meanwhile, the installation rate of “Booster & Cleaner Pro” is smaller. This malicious app was downloaded only from 1,000 to 5,000 times. The latter app has a pretty high rate. But judging from user’s reviews, it’s clear that they are fake.

However, “Wallpapers Blur HD” users note that the application requires access to irrelevant data, for instance, access to contacts, call logs or SMS. We want to point out that it’s important to read authorization agreements before installing the app.

If you chosen application seems to ask for lots of information that is not necessary for the operation, you should not give the access to such data. In this case, it’s obvious that wallpaper app does not need to get access to your contacts in order to operate.

It’s unknown what countries have suffered the most from this mobile malware. According to the primary data, the United States, Canada, and the United Kingdom[3] might be at the top of the list.

Uninstall LeakerLocker from your Android smartphone

Undoubtedly, LeakerLocker removal requires uninstalling “Wallpapers Blur HD” and “Booster & Cleaner Pro” from the phone. However, we also highly recommend scanning the system with security software and eliminate all malware-related components entirely.

However, malware can block Reimage or another your preferred security software. In this case, you may need to restart your Android to the Safe Mode by following these steps:

  1. Press the power button and press it until you see a menu. Click on the Power off option.
  2. You will receive a dialog window that asks to reboot the device to Safe Mode. Thus, click OK.

If you cannot reboot your device or remove LeakerLocker manually, please check manual Android removal instructions here.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use. By Downloading any provided Anti-spyware software to remove LeakerLocker ransomware virus you agree to our privacy policy and agreement of use.
do it now!
Download
Reimage (remover) Happiness
Guarantee
Download
Reimage (remover) Happiness
Guarantee
Compatible with Microsoft Windows Compatible with OS X
What to do if failed?
If you failed to remove infection using Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall LeakerLocker ransomware virus. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.

More information about this program can be found in Reimage review.

About the author

Lucia Danes
Lucia Danes - Virus researcher

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Lucia Danes
About the company Esolutions

References

Removal guides in other languages