What is FBI Android virus and how to get rid of it?

by Ugnius Kiguolis - -

If you have ever been infected with FBI virus, you will definitely know how serious this infections is. For those who have never heard about it we must say that FBI virus is a dangerous cyber threat that was released several years ago. It was labeled as ransomware because it seeks to trick people into paying the ransom. If FBI virus infiltrates the system, it locks it down and then starts showing a huge warning message saying that the Federal Bureau of Investigation or other governmental authority noticed illegal activity. It may accuse its victim for the use of copyrighted content, distribution of pornographic material and similar crimes. In addition, victim is informed that the only way to unblock the affected computer and avoid the jail is to pay the fine of several hundreds of dollars. Of course, you should never agree with this because you can never be sure that your payment will help you to unlock your computer.

Unfortunately but hackers don’t sleep and keep updating their viruses each day. FBI virus is not an exception. According to several dozen of reports, this ransomware threat has recently been designed for Android OS. This means that now it is capable of infecting these devices and locking them down. It is known that FBI Android virus is just a newer version of Koler malware, that was discovered less than a year ago. Just like other versions of this threat, it is spread thru fake alerts offering people to update their Adobe Flash Player, Java or similar programs. Such ads are mostly displayed on illegal websites but they may also show up when visiting legitimate sites that were hacked by the owners of Android ransomware. Of course, it is also possible to get infected with this threat via infected email attachments, so stay away from suspicious mails actively offering you to download their attachment. As soon as this ransomware gets inside the system, it locks the device and causes such alert:

ATTENTION! Your phone has been blocked up for safety reasons listed below.

All the actions performed on this phone are fixed.

All your files are encrypted.


You are accused of viewing/storage and/or dissemination of banned pornography (child pornography/zoophilia/rape etc.) You have violated World Declaration on non-proliferation of child pornography. You are accused of committing the crime envisaged by Article 161 of United Stated of America criminal law.

Article 161 of United States of America criminal law provides for the punishment of deprivation of liberty for terms from 5 to 11 years.

Also, you are suspected of violation of “Copyright and Related rights Law” (downloading pof pirated music, video warez) and of use and/or dissemination of copyrighted content. Thus, you are suspected of violation of Article 148 of United States of America criminal law.


The penalty set must be paid in course of 48 hours as of the breach. On expiration of the term, 48 hours that follow will be used for automatic collection of data on yourself and your misconduct, and criminal case will be opened against you.

Amount of fine is 300$. You can settle the fine with MoneyPak xpress Packed vouchers.

As soon as the money arrives to Treasury account, you phone will be unblocked and all information will be decrypted in course of 24 hours.

Of course, this alert is a scam that should never be trusted. Governmental authorities, such as FBI, Police Central e-crime Unit, An Garda Síochana, Royal Canadian Mounted Police, Australian Federal Police and many others, do NOT lock PCs and other devices in order punishing their owners. Please, do NOT pay the fine because you will do the only thing – you will support the creators of FBI Android virus.

Beware that when infected with this threat you may also lose the ability to reach your important files. The good news is that this threat can hardly encrypt your files, what means that they can be recovered by eliminating this virus from the system. However, getting into Settings and trying to unlock the system may be a hard task, especially if you are not an experienced user. For that you can use these steps:


1. Reboot your Android device into Safe Mode:

  1. Find the power button and press it for a couple of seconds until you see a menu. Tap the Power off.
  2. Once you see a dialog window that offers you to reboot your Android to Safe Mode, select this option and OK.

If this failed to work for you, just turn off your device and then turn it on. Once it becomes active, try pressing and holding Menu, Volume Down, Volume Up or Volume Down and Volume Up together to see Safe Mode.

2. Uninstall malicious app (FBI Android virus may hide under BaDoink, Video Player, Network Driver System, Video Render, ScarePakage and other suspicious names):

  1. When in Safe Mode, go to Settings. Once there, click on Apps or Application manager (this may differ depending on your device).
  2. Here, look for previously mentioned malicious app(s) and uninstall all of them.

If this failed, enter a random, 15 digit length, code of imaginary MoneyPak xpress Packed voucher that is asked by FBI android virus or follow these steps:

  1. Go to Settings -> Security. Here, select Device administrators.
  2. Here, look for previously mentioned malicious app(s) and uncheck it
  3. In order to finish the removal of FBI Android virus, select Deactivate and OK.

About the author

Ugnius Kiguolis
Ugnius Kiguolis - The mastermind

Ugnius Kiguolis is a professional malware analyst who is also the founder and the owner of 2-Spyware. At the moment, he takes over as Editor-in-chief.

Contact Ugnius Kiguolis
About the company Esolutions

Read in other languages

  • Matthew Pinn

    I tried everything even the phony numbers but nothing worked please help it’s model is GT-S7560M

  • Caravaggio2

    How do I un-block my ipad from Article 161

  • Tj Sletten-Turnbull

    I have done all these steps and they failed even the Things here!
    Go to Settings -> Security. Here, select Device administrators.
    Here, look for previously mentioned malicious app(s) and uncheck it
    In order to finish the removal of FBI Android virus, select Deactivate and OK They did no work it would not let me unchecked the virus and the ok button was scrambled with different letters. i tried this step mutiple times with different codes and it didnt work. i was playing CoC and their was a download installing at first i didnt care then after it said “XXXPornPlayer has been installed,” and then my phone had this message on it like above on this page. I really need help i have tried different methods on different web pages and none seem to be working can somebody plz help me plz

  • nj

    I have a advail 2 touchscreen android and im literally crying over here about this fbi stuff! Can somebody please help me please?

  • isaac timer

    sooooo glad i looked this bull up brfore shellng out the 500 it asked for. my word, what a dick move.

  • Jimmy A Jones

    It worked !!!! Thanks

  • Samuel Park

    Thank you so much! This page helped me out a lot.

  • Melissa Espinoza

    I just tried it & nothing happened what else can I do

  • spb bre

    For the Kindle fire there should be a little tab that says reload at the bottom of the screen hit that and before it loads exit out at the top of the screen

  • Zotos Kuro Muramoto

    i have followed every step but my phone wont go into safe mode and i am unable to access anything including settings… any advice?

    • Zotos Kuro Muramoto

      for older androids just turn phone off and on several times then use the quick memo feature of your phone by holding down the volume buttons

  • Charlie Mac

    I got a variation of this virus on my Kindle Fire, but I cannot boot into safe mode as it has no volume buttons. i have tried everything in my power so far to remove it, ANY help on this matter is very much appreciated. A quick response from anybody that can help would be extremely helpful. Thank you in advance.

    • spb bre

      Hit the reload button on the actual FBI screen then before it reloads exit out of the screen and the tab and you’re good to go hope it helps you

      • Charlie Mac

        Thanks for the response, but I fixed it by performing a factory reset. I had a passcode to unlock my kindle so entered the wrong code till it gave an option for a factory reset.

  • luis

    Got the reveton virus on my android s3 and those steps on top really worked
    Turn of your phone hold volume down and up same time with power button when first announcement on your phone appears let go of the power button and hold on to the volume keys until its completely on saying safe mode then after that just follow the steps this webiste gives you and your free.

  • Hogan1toon

    i got this virus on my pc, if you unplug ur computer and wait a couple of days then it will go away…

    • juanvalenzuela976

      hey just wanna say it worked..at first I almost got freaked out, so many things ran through my mind, it worked!!!thank u and phew next time im more cautious and ur right that’s a messed up move..

  • Brian Mroch

    how can i git rid of that fbi virus on my nextbook8 tablit for free

    • Michael

      Use this method, its free ;-;

  • Brian Mroch

    how do i git rid of thatfbi virus on my nextbook8 tablit for free

Like us on Facebook