Severity scale:  

Remove Lockdroid ransomware (Free Guide) - Tutorial

removal by Gabriel E. Hall - - | Type: Ransomware

67% of Android users might become victims of Lockdroid ransomware

Lockdroid ransomware (Android.Lockdroid.E) is a variant of Android ransomware which spreads as a Trojan horse. Malware hides in the porn app “Porn ‘O’ Mania”[1] which can be download from the third-party sources. This application was created to take control over the attacked Android device. It tricks users into giving the admin rights by using fake package installation. When malware gets what it wants, it starts encrypting files on the attacked smartphone or tablet. Apart from that Lockdroid virus can also lock the device, change PIN code or even delete all users’ data. Google authorities claim[2] that none of the 1000 victims have installed this application from Google Play. According to Google, users who have Google Play installed on their devices are protected by Verify Apps even if they decide to download apps from other sources[3]. However, according to Symantec, 67% of Android users were at risk. Malware uses clickjacking technique[4] to attack devices that run Android 5.0 (Lollipop) or newer versions of the operating system. After the attack, victims must perform Lockdroid removal immediately to get back access to the smartphone and rescue their data. We highly recommend scanning the device with Reimage Reimage Cleaner Intego after the attack.

After downloading this app on the device, malware shows a fake “Package Installation” window. The process does not differ from ordinary app installation. Hence, users click “Continue” button thinking that they are installing necessary components. However, this button hides something serious. When the button is clicked, the Lockdroid virus shows an “Unpacking the Components” dialogue which makes the process look legitimate. Then malware shows the last dialog called “Installation is Complete.” It’s the last step to get admin rights and full access to the device. To trick victims to give privileges, the malware uses a TYPE_SYSTEM_ERROR window which is delivered on the top of the device activation dialog. Therefore, the “Continue” button is actually an “Activate” button. As you can see, Lockdroid ransomware uses a sophisticated social engineering technique to trick users and gain administrator rights. This cyber infection can cause data loss and lead to various privacy-related issues. If you haven’t encountered it, you should take all precautions to avoid it. However, if you got infected, you should scroll down to the end of this article and learn how to remove Lockdroid from the device.

Picture of Lockdroid ransomwareLockdroid ransomware spreads as a Trojan horse and hides under "Porn 'O' Mania" app.

How is this malicious app being distributed?

Android ransomware along with all its variants (Android.Lockdroid.E virus included) mostly spread via fake or Trojanized apps. These apps are often distributed via third-party websites and other sources that are not reliable. Sometimes malware manages to bypass Google Play security[5]; however, it rarely happens. Google monitors all new applications distributed via Google Play, and all malicious apps are eliminated. However, developers of the malware started using social engineering techniques and infecting smartphones or tablets by tricking users into giving the admin rights. As you already know Lockdroid hijack might occur when you install adult-themed application called “Porn ‘O’ Mania.” It goes without saying that you must stay away from it. We want to point out that you can encounter many similar malicious applications from various online sources. Therefore, you should not use shady third-party sources for downloading new apps. Always rely on Google Play and read reviews from the users. It will help to learn about the application and make a decision whether it’s worth installing or not. What is more, you should strengthen your smartphone’s security with security software.

Guidelines for Lockdroid removal

Questions about Lockdroid ransomware

We recommend starting Lockdroid removal with scanning your device’s system. For that, you need to install malware removal software such as BullGuard Mobile Security or mobile version of Reimage Reimage Cleaner Intego. Also, you can try following these steps to remove Lockdroid malware and recover the system:

1. Reboot your smartphone into Safe Mode:

  • Press Power button until you see a menu. In the menu tap Power off.
  • In the received dialog window you will be suggested to reboot your device to the Safe Mode. Select this option and tap OK.

If this method does not work follow these steps:

  • Turn off and turn on the device.
  • When your smartphone is active, press and hold Menu, Volume Down, and Volume Up buttons together. Hold until you see Safe Mode.

2. When in Safe Mode, remove Porn ‘O’ Mania and other suspicious applications from the device:

  • Go to Settings -> Apps (or Application manager).
  • In the list look for the malicious applications and uninstall them.
do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

Access your website securely from any location

When you work on the domain, site, blog, or different project that requires constant management, content creation, or coding, you may need to connect to the server and content management service more often. It is a hassle when your website is protected from suspicious connections and unauthorized IP addresses.

The best solution for creating a tighter network could be a dedicated/fixed IP address. If you make your IP address static and set to your device, you can connect to the CMS from any location and do not create any additional issues for server or network manager that need to monitor connections and activities. This is how you bypass some of the authentications factors and can remotely use your banking accounts without triggering suspicious with each login. 

VPN software providers like Private Internet Access can help you with such settings and offer the option to control the online reputation and manage projects easily from any part of the world. It is better to clock the access to your website from different IP addresses. So you can keep the project safe and secure when you have the dedicated IP address VPN and protected access to the content management system.

Backup files for the later use, in case of the malware attack

Computer users can suffer from data losses due to cyber infections or their own faulty doings. Ransomware can encrypt and hold files hostage, while unforeseen power cuts might cause a loss of important documents. If you have proper up-to-date backups, you can easily recover after such an incident and get back to work. It is also equally important to update backups on a regular basis so that the newest information remains intact – you can set this process to be performed automatically.

When you have the previous version of every important document or project you can avoid frustration and breakdowns. It comes in handy when malware strikes out of nowhere. Use Data Recovery Pro for the data restoration process.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Gabriel E. Hall
About the company Esolutions


  1. Daniel says:
    February 10th, 2017 at 3:43 am

    Theres so many viruses attacking Androids…

  2. Lidia says:
    February 10th, 2017 at 3:43 am

    I think I should install antivirus to my Samsung… Just in case…

  3. Suki says:
    February 10th, 2017 at 3:44 am

    My phone was infected with a virus once, it was horrible. My phone bill was enormous… Be careful!

Your opinion regarding Lockdroid ransomware