Koler, the new ransomware for Android. Ransomware has become very popular in recent years, because it is quite a profitable business for criminals. One kind, the REVETON family, leaves your data intact but locks you out of the system. Of course, it demands a ransom to let you regain access. Another kind of ransomware, CryptoLocker, leaves your computer running fine, but encrypts your data and demands a ransom for the decryption key.
The fee requested by criminals is about 300 dollars, and usually the desperate owners of the infected devices pay it.
In recent weeks, a new pay-to-unlock ransomware has made its appearance on Android devices, and the price of recovering an infected system is set at $300.
Introducing "Koler"
Perhaps the most talked about ransomware for Android right now is known as "Koler", a threat that follows a very similar design to the malware REVETON mentioned above.
In fact, it seems that the gang behind REVETON are the scammers who developed Koler, porting the platform from Windows to Android.
The malware is known as "policeware" and displays a warning on your Android screen claiming that you are being monitored by federal agents for some alleged criminal activity.
Once the malware has been installed, it downloads and displays a warning screen saying police are accusing you of viewing illegal pornographic material.
The malware demands a ransom of $300, to be paid through the MoneyPak service, to unlock your phone.
To get installed, according to reports, the scammers suggest that you install a special "video player". Those at risk of infection are users who have allowed their devices to download apps from outside the Google Play Store. So disable "Allow installation of apps from unknown sources."
When a device becomes infected, it displays the following message:
ATTENTION! Your phone has been blocked for safety reasons listed below. All actions performed on this phone are fixed. All your files are encrypted. CONDUCTED AUDIO AND VIDEO.
Sophos products detect this malicious software as Andr/Koler-A.
How to get rid of Koler
The good news is that Koler does not "touch" your data as it claims. It just locks your phone with a browser pop-up window.
The bad news is that, because this window constantly re-appears, it is almost impossible to reach Settings to remove the malicious software.
Even rebooting will not help, as the malicious software loads during the restart process.
A factory reset will relieve you of this, but you will lose all of your other installed applications and stored data.
By starting Android in "Safe Mode" you can get rid of it without losing your data.
Put Android in "Safe Mode"
Press and hold the power button as you would to turn off or restart your device.
A menu will appear.
Press and hold “Off” or “Power off”.
If nothing happens, try the same with "Reboot".
A dialog will appear offering to restart in safe mode.
If this method does not work on your device, search Google for your device name along with "Safe Mode" and you will see several results.
After starting your device in Safe Mode, find the name of the software that brought the Koler malware to your device. In the case shown in the Sophos photo, the malware came to an Android tablet with BaDoink.
Proceed to the device settings and then the installed applications, find the application name and remove it.
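If you are not sure which application to look for, the following added example (not part of the original article) narrows the list to third-party apps that were not installed by Google Play. It assumes a computer with adb and a device that already had USB debugging enabled; the package names in the sample listing are constructed.

```shell
#!/bin/sh
# Added example: list third-party Android packages that were NOT installed
# by the Google Play Store (installer "com.android.vending"). A sideloaded
# "video player" would show up here with installer=null.

# Reads the output of `pm list packages -3 -i` on stdin, where each line
# looks like:  package:<name>  installer=<installer-or-null>
# Prints "<package><TAB><installer>" for every package not installed by Play.
sideloaded_packages() {
    awk '
        /^package:/ {
            pkg = $1
            sub(/^package:/, "", pkg)
            inst = "null"                      # default when field is absent
            for (i = 2; i <= NF; i++)
                if ($i ~ /^installer=/) {
                    inst = $i
                    sub(/^installer=/, "", inst)
                }
            if (inst != "com.android.vending")
                print pkg "\t" inst
        }'
}

# Constructed sample listing (package names are made up for illustration).
sample_listing() {
cat <<'EOF'
package:com.example.notes  installer=com.android.vending
package:com.example.videoplayer  installer=null
package:com.example.game  installer=com.android.vending
package:com.example.tool  installer=com.example.otherstore
EOF
}

# Live use: run with --device while the phone is connected over USB.
# tr strips the carriage returns some adb versions append to each line.
if [ "${1:-}" = "--device" ]; then
    adb shell pm list packages -3 -i | tr -d '\r' | sideloaded_packages
else
    sample_listing | sideloaded_packages
fi
```

Anything listed with an installer other than the Play Store is a candidate to review and remove from the installed applications screen.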
Beware of ransomware
Install a trusted anti-virus program that will scan all new applications automatically before they run for the first time.
Be careful of applications offered in advertisements and pop-ups.
Stay with the default Android setting that lets you install apps from Google Play only.
Back up your important data.