Ransomware on Android Phones

Ransomware on Android Phones: How Much Do you Stand to Lose?


Ransomware is as insidious as malwares get. And audacious too! While other viruses, Trojans and spywares attempt to infect your system, disrupt operations and steal sensitive information, ransomware locks you out of your system outright. And it often does so in the guise of a fully functional façade app or “fines” from government organizations like the FBI for supposed transgressions.


How to tell if you are being held ‘ransom’?

Your Android phone or tablet screen will be plastered with the message that your information and system has been locked down because you did something to jeopardize national security. Or indulged in prohibited practices – like watching banned videos!

The message goes on to say that a fine or a penalty fee of several hundred dollars is required to gain access to your data.

You are instructed to purchase a pre-loaded card like Ukash or PaySafe and enter the code to transfer the amount to an untraceable account. Once this transaction is complete, you can hope to have your phone working again. But you can never be sure of how much personal information has been removed and may potentially be used against you.

Ransomware causes stress, compromises your identity, and may push you to actually pay the “ransom” in despair.

But does it have to be this way?

Absolutely not!

In fact users can protect their phones so that ransomware fails to install in the first place, they can be very cautious of links and attachments they aren’t supposed to receive and lastly, in the worst case scenario – they can actually remove the ransomware from their Android devices in just a few clicks.

Let’s discuss these instances.

Better Safe than Sorry: Keeping Ransomware at Bay

Those who have rooted their phones are more susceptible to Ransomware. So if you have unlocked the capacity of your device, the first thing that you can do is visit the Google Play Store and download an “unrooting” application to safely reverse the state.


You should also take care to ensure that your Android device only accepts apps from the Play Store and verifies them before installation. This gives you two layers of protection:

  1. The Play Store is constantly monitored. Ransomware masquerading as an app can’t hide for long.
  2. Your phone also carries out its own verification and alerts you if anything is amiss.


Simply visit Settings, click on Security and then uncheck “Unknown Sources” while keeping the option Verify Apps ticked.
Ransomware on Android


Last but not the least, have a rudimentary scanner or anti-virus solution in place as an additional barrier and deterrent to malware.


Double Checking with Friends

Some particularly vicious variants of ransomware not only hijack your device, but they also raid your contacts and attempt to spread the havoc to your friends and acquaintances. So if you receive mysterious SMS in your text inbox from people you know asking you to download an attachment from Dropbox to enjoy enhanced user privileges, steer clear of the message. And delete it immediately. Your contact may have been hoodwinked by ransomware.


In that case instruct them to follow the process detailed below.


Removing Ransomware from an Infected Android Device:


Removing ransomware is not as complicated as it sounds. There are no special tools or apps required.


1.     You need to enter the Android Safe Mode before you can proceed. Tap and hold the power button on the top or side of your device for a few seconds. This will open up a modal that will allow you to choose the Power Off option. Select it. Once this is done, press and hold the power button again and you should see the prompt to “Reboot to Safe Mode”.   Tap OK.

Ransomware on Android phones


2.     The Safe Mode is essential here because in this setting, only the native apps or the ones that came pre-installed on the device operate. It is the perfect opportunity to identify the rogue application (in most cases it is the Flash Player but it might also look like an innocuous system update) and disable it. When you are in the Safe Mode, you should see a tag “Safe Mode” to the bottom left of the screen.


3.     Next navigate to Settings and click on Applications. Disable and uninstall the apps that may be the culprit. Ransomware marinates for some time before revealing itself. But it is generally going to be one of the most recent installs.


4.     Shut down the system and turn it on. Your screen should be clear and you will be able to use your device again.


Ransomware on Android phones is annoying. And you can’t be cautious enough. A regular ritual of safety – one that includes Android system updates and data backups can save you a pretty penny!

About Recover Android Files

Recover Android Files is a comprehensive online resource providing tips, suggestions, and tutorials on how you can safely recover lost or deleted files from your Android device. Check out this page regularly for news and updates.