Android Ransomware Guide: How to Remove and Protect

Best Anti-Malware App

MalwareFox for Android

  • Cleans Virus and Malware from Phone
  • Protects from Adware / Spyware
  • Secures Privacy

Gone are the days of spreading virus and malware for pranks. Ransomware is the next-level, capitalistic form of malicious software attack. While it has been in development for years and small attacks have been reported, it has been steadily growing since 2012.

WannaCry took the world by storm in 2017 and not in a good way. Over 200,000 victims were affected including government agencies, private corporations, and individuals. Since then, ransomware has become the top 5 threat.

What is Ransomware?

Ransomware is a type of malicious software that threatens to block access to one’s machine or public one’s data unless a ransom is paid. It is commonly carried out using a Trojan that tricks users into thinking that it is a legitimate file or program.

After running the Trojan, it will invoke the ransomware to encrypt the victim’s files making them inaccessible. Then, they will demand payment, usually through cryptocurrency to “unlock” the files.

Can Android Mobile Devices Get Ransomware?

Just like any device, mobile phones are susceptible to ransomware attacks. Two of the most common Android ransomware are locker ransomware and crypto ransomware.

Locker ransomware denies access to your mobile device using a locking mechanism or a popup overlay on the user interface. It does not encrypt your files, but you cannot use your mobile phone altogether. It is the most common Android ransomware attacks.

Crypto ransomware encrypts your files and takes over your device. While this is much more common in computers, it can also attack mobile devices.

In 2017, it was reported that ransomware demand increased from around $300 in 2015 to over $1000.

How Do You Get Ransomware?

Smartphones, specifically Android devices, are increasingly popular nowadays. These devices have become a lucrative target for most hackers as they have more potential victims.

In 2016, AV-TEST reported that a ransomware called Lockscreen entered the top 10 Android malware.

Social engineering is the most common method of infiltrating mobile devices. Malicious software will trick you into downloading seemingly legitimate applications. It is much more common if you download applications from third-party app stores.

Some attacks begin as an email or SMS links. Once you click on the link, it will prompt you to download a file or a program which will start the ransomware attack.

For example, a new variant of Android ransomware called Koler was able to replicate itself by sending SMS messages to the contacts in the victim’s address book. The message contains a URL that downloads the malware into another victim’s phone.

Examples of Android Ransomware

The number of Android ransomware is continuously increasing. Moreover, they are getting better and better at tricking the user into downloading them.

  • WannaLocker – A copycat of the infamous WannaCry, it went after Android phones in June 2017. WannaLocker targeted Chinese Android users via popular gaming forums. It disguised itself as a plugin for the game “King of Glory” and demanded about 5 to 6 USD from the victims.
  • DoubleLocker – Aptly named for its ability to encrypt the user’s data and change the device’s security pin code. It was disguised as a fake Adobe Flash update through infected websites. DoubleLocker is continuously evolving and may even directly steal money from your bank through their mobile apps.
  • LeakerLocker – It threatens to share the victim’s data including photos, messages, emails, location history, and web history along with phone and email contacts. It infiltrated the Google Play Store as a fake app and demanded $50 ransom from the victims.

What To Do If You Get Ransomware?

You can remove the Android ransomware by booting into your mobile phone’s Safe Mode and uninstall the suspected application.

First, hold down the physical Power button until you see the Power off prompt on your screen.

  How to Remove Malware from Android

power off

Then, long-press the Power off button on your screen until the Reboot to safe mode dialog box appears.

reboot to safe mode

Press OK. Your device should reboot into Safe Mode. You should see the words “Safe Mode” in the lower left corner of your screen.

safe mode

In Safe Mode, go to Settings -> Apps. From here, uninstall the ransomware and related application.


We also recommend that you disallow non-official app installations. Go to Settings -> Security. Then, uncheck the Unknown sources box.

Protect Yourself From Ransomware

Ransomware attacks have been increasing every year. Cisco reported that ransomware is steadily growing at a yearly rate of 350%. Moreover, the 2016 Cybercrime Report by Cybersecurity Ventures predicts that damages from ransomware attacks will reach $6 trillion annually by 2021.

There is no reason for not being vigilant and not protecting your Android device. Only download applications from trustworthy sources. Google Play Store is continuously improving its security over the years. Downloading applications from the official Android app store reduces the chances of ransomware attacks.

Keep your Android device updated. Android developers regularly release new patches and updates. Make sure to install the offered updates as soon as you receive notifications on your device.

Back up your mobile data on your computer hard drive, one a portable device, or in the cloud. Having your files easily accessible outside your mobile device will give you the peace of mind even if you are under a ransomware attack.

More importantly, install anti-malware applications like MalwareFox for Android. Its complete protection from malicious software will stop any attacks even before you download any files or applications. Regularly scan your mobile phone using MalwareFox to identify possible vulnerabilities and weaknesses.

malwarefox for android

Final Thoughts

At the end of the day, staying vigilant will protect your devices from vicious ransomware attacks. Do not take any chances by falling for fake applications especially on untrusted sources. Ensure that you protect your device by installing a robust anti-malware application.

Leave a Comment