Koler, the new Ransomware for Android. Ransomware has become very popular in recent years, and that's because it's a profitable business for criminals. A kind of REVETON family leaves your data intact, but it locks you out of the system. Of course to let you have access again requires a ransom. Another kind ransomware, the CryptoLocker, leaves your computer running fine, but encrypts your data and demands a ransom for key decryption.
The fee requested by criminals is about 300 dollars and usually the desperate owners of the infected devices pay for them.
In recent weeks, a new pay-to-unlock ransomware has made its appearance in Appliances Android, and the recovery price of an infected system is set at $300.
Introducing "Koler"
Perhaps the most talked about ransomware for Android right now is known as "Koler", a threat that follows a very similar design to the malware REVETON mentioned above.
In fact, it seems that the gang behind REVETON is the scammers developed by Koler, with a conversion of the platform to work from Windows to Android.
The malware is known as san "policeware" and displays on your Android screen a warning claiming that you are being monitored by federal agents for some alleged criminal activity.
Once the malware has been installed, it downloads and displays a warning screen saying police are blaming you for viewing illegal pornographic material.
Malicious software requires a ransom of 300 dollars, to be paid through the MoneyPak service, to unlock your phone.
To install it, according to reports, the scammers suggest you install a special "video player". Those who have allowed their devices to download apps outside of the Google Play Store are at risk of infection. So disable “Allow installation of apps from unknown sources.”
When a device becomes infected, it displays the following message:
WARNING! your phone has been blocked up for safety reasons listed below. All the actions performed on this phone are fixed. All your files are encrypted. CONDUCTED AUDIO AND VIDEO.
Its products Sophos, detect this malware, like Andr/Koler-A.
How to get rid of Koler
The good news is that Koler does not "bother" your data as it claims. It just locks your phone with a browser pop-up window.
The bad news is that because this window is constantly re-appearing it makes it almost impossible to access the Settings for removing malicious software.
Even rebooting will not help as malicious software loads during the restart process.
A factory reset will relieve you of this, but you will lose all of your other installed applications and stored data.
Using Android in "Safe Mode" you can get rid of it without losing your data.
Put Android in "Safe Mode"
Press and hold the power button as you would to turn off or restart your device.
A menu will appear.
Press and hold “Off” or “Power off”.
If nothing happens try the same as "Reboot".
A dialog will appear and will offer you to restart in safe mode.
If this method does not work on your device, type it into Google name of your device along with “Safe Mode” and you will see several results.
After entering your device with Safe Mode, find the name of the software that Koler malware brought to your device. In the case of Sophos photo malware came to an Android tablet with BaDoink.
Proceed to the device settings and then the installed applications, find the application name and remove it.
Beware with ransomware
Install a trusted anti-virus program that will scan all new applications automatically before they run for the first time.
Be careful of applications offered in advertisements and pop-ups.
Stay with the default Android setting that lets you install apps from Google Play only.
Back up your important data.