Dynamic Pop for Note 4 (N910T & 910W8)

With the release of the Canadian Lollipop ROM for the Note 4, T-Mobile users can also enjoy the … more

Sunday Debate: Better to Buy Older or Newer Hardware?

Join us in a fun Sunday Debate on New vs. Old. Come with your opinions and feel … more

HTC Sense Camera & Gallery for M8 GPE Lollipop

If you are running a GPE ROM and miss the sense gallery and camera, this flashable zip by … more

XenonHD Unofficial AOSP-based ROM for Find 7a

XDA Recognized Contributor uppon2 & Team Horizon are bringing the Oppo … more
Post Reply Subscribe to Thread Email Thread

[Q] Ransomware on Nexus 7 Please Help

21st April 2014, 08:51 PM |#1  
OP Junior Member
Thanks Meter: 0
 
1 posts
Join Date:Joined: Apr 2014
Hi All,

I was just helping my son on his nexus 7, we were on castle clash and downloaded a free tapjoy offer called funny ringtones. However when we clicked open/activate it locked his tablet and all it is showing is a blue screen with a keypad on it asking for a pin however we have never set a pin on this so it's obviously part of the virus. It is asking us to click a link then there is a box that asks us to enter the code for a ukash voucher, it says if we don't do this all of his files etc will be wiped off within 24 hours.

I have tried starting the tablet in safe mode but it still just has the locked blue keypad screen showing, please can anyone advise what we can do?


Many thanks
 
 
22nd April 2014, 10:53 AM |#2  
gsmyth's Avatar
Senior Member
Thanks Meter: 540
 
1,578 posts
Join Date:Joined: Dec 2010
More
Quote:
Originally Posted by deepblue364

Hi All,

I was just helping my son on his nexus 7, we were on castle clash and downloaded a free tapjoy offer called funny ringtones. However when we clicked open/activate it locked his tablet and all it is showing is a blue screen with a keypad on it asking for a pin however we have never set a pin on this so it's obviously part of the virus. It is asking us to click a link then there is a box that asks us to enter the code for a ukash voucher, it says if we don't do this all of his files etc will be wiped off within 24 hours.

I have tried starting the tablet in safe mode but it still just has the locked blue keypad screen showing, please can anyone advise what we can do?


Many thanks

There seems to be a few people having problems with this in the last 24 hours:
http://www.pcadvisor.co.uk/forums/1/...-hudl-android/

As a last resort you can try booting into recovery (power off, hold volume down and power on) and performing a factory reset. This will wipe all your data/apps though.

Once up and running again install and run Malware bytes.
https://play.google.com/store/apps/d...es.antimalware
22nd April 2014, 04:30 PM |#3  
Captain Sweatpants's Avatar
Senior Member
Flag Edinburgh
Thanks Meter: 83
 
329 posts
Join Date:Joined: Feb 2014
More
Quote:
Originally Posted by deepblue364

Hi All,

I was just helping my son on his nexus 7, we were on castle clash and downloaded a free tapjoy offer called funny ringtones. However when we clicked open/activate it locked his tablet and all it is showing is a blue screen with a keypad on it asking for a pin however we have never set a pin on this so it's obviously part of the virus. It is asking us to click a link then there is a box that asks us to enter the code for a ukash voucher, it says if we don't do this all of his files etc will be wiped off within 24 hours.

I have tried starting the tablet in safe mode but it still just has the locked blue keypad screen showing, please can anyone advise what we can do?


Many thanks

If you have time before the wiping it I will see if I can infect my nexus with this. This is the first time ransomware has been seen on an android device so as yet there is no bullet proof way to remove it on windows a live CD can be used but on android that's not an option. The fact that it is still there in safe mode is worrying because that means it must have found a way to write to the system partition. Was your tablet rooted?

Sent from my C5303 using xda app-developers app
The Following User Says Thank You to Captain Sweatpants For This Useful Post: [ View ]
23rd April 2014, 09:36 PM |#4  
Captain Sweatpants's Avatar
Senior Member
Flag Edinburgh
Thanks Meter: 83
 
329 posts
Join Date:Joined: Feb 2014
More
OK I have been unable to find a solution to your problem without wiping the tablet.
I have assumed the bootloader locked tablet not rooted and USB debugging not enabled the only solution I can see is to boot to recovery and hard reset losing all data. If USB debugging is enabled then it is possible to uninstall apps via adb.

Programming is a race between engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.
29th April 2014, 10:17 AM |#5  
Junior Member
Thanks Meter: 0
 
1 posts
Join Date:Joined: Apr 2014
Ransomeware
Quote:
Originally Posted by deepblue364

Hi All,

I was just helping my son on his nexus 7, we were on castle clash and downloaded a free tapjoy offer called funny ringtones. However when we clicked open/activate it locked his tablet and all it is showing is a blue screen with a keypad on it asking for a pin however we have never set a pin on this so it's obviously part of the virus. It is asking us to click a link then there is a box that asks us to enter the code for a ukash voucher, it says if we don't do this all of his files etc will be wiped off within 24 hours.

I have tried starting the tablet in safe mode but it still just has the locked blue keypad screen showing, please can anyone advise what we can do?


Many thanks


i also have same Ransomeware and have failed solve problem via Nexus Root kit software -as my device is locked and am not 100% certain of the ""build number " i wud try factory reset if i cud get it to recovery all app/data back up .
29th April 2014, 03:59 PM |#6  
Captain Sweatpants's Avatar
Senior Member
Flag Edinburgh
Thanks Meter: 83
 
329 posts
Join Date:Joined: Feb 2014
More
Quote:
Originally Posted by winny stu


i also have same Ransomeware and have failed solve problem via Nexus Root kit software -as my device is locked and am not 100% certain of the ""build number " i wud try factory reset if i cud get it to recovery all app/data back up .

You can't recover data the best you can do is boot to recovery power & vol- then factory reset

Sent from my C5303 using xda app-developers app
The Following User Says Thank You to Captain Sweatpants For This Useful Post: [ View ]
Post Reply Subscribe to Thread
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes