[Q] Ransomware on Nexus 7 Please Help

Search This thread
By:
Advanced…
D

deepblue364

New member
Apr 21, 2014
1
0
Hi All,

I was just helping my son on his nexus 7, we were on castle clash and downloaded a free tapjoy offer called funny ringtones. However when we clicked open/activate it locked his tablet and all it is showing is a blue screen with a keypad on it asking for a pin however we have never set a pin on this so it's obviously part of the virus. It is asking us to click a link then there is a box that asks us to enter the code for a ukash voucher, it says if we don't do this all of his files etc will be wiped off within 24 hours.

I have tried starting the tablet in safe mode but it still just has the locked blue keypad screen showing, please can anyone advise what we can do?


Many thanks
 
gsmyth

gsmyth

Senior Member
Dec 16, 2010
2,431
769
Redmi Note 9 Pro
Redmi Note 9
deepblue364 said:
Hi All,

I was just helping my son on his nexus 7, we were on castle clash and downloaded a free tapjoy offer called funny ringtones. However when we clicked open/activate it locked his tablet and all it is showing is a blue screen with a keypad on it asking for a pin however we have never set a pin on this so it's obviously part of the virus. It is asking us to click a link then there is a box that asks us to enter the code for a ukash voucher, it says if we don't do this all of his files etc will be wiped off within 24 hours.

I have tried starting the tablet in safe mode but it still just has the locked blue keypad screen showing, please can anyone advise what we can do?


Many thanks
Click to expand...
Click to collapse

There seems to be a few people having problems with this in the last 24 hours:
http://www.pcadvisor.co.uk/forums/1/tech-helproom/4467625/ukash-virus-on-hudl-android/

As a last resort you can try booting into recovery (power off, hold volume down and power on) and performing a factory reset. This will wipe all your data/apps though.

Once up and running again install and run Malware bytes.
https://play.google.com/store/apps/details?id=org.malwarebytes.antimalware
 
Captain Sweatpants

Captain Sweatpants

Senior Member
Feb 18, 2014
329
85
Edinburgh
deepblue364 said:
Hi All,

I was just helping my son on his nexus 7, we were on castle clash and downloaded a free tapjoy offer called funny ringtones. However when we clicked open/activate it locked his tablet and all it is showing is a blue screen with a keypad on it asking for a pin however we have never set a pin on this so it's obviously part of the virus. It is asking us to click a link then there is a box that asks us to enter the code for a ukash voucher, it says if we don't do this all of his files etc will be wiped off within 24 hours.

I have tried starting the tablet in safe mode but it still just has the locked blue keypad screen showing, please can anyone advise what we can do?


Many thanks
Click to expand...
Click to collapse

If you have time before the wiping it I will see if I can infect my nexus with this. This is the first time ransomware has been seen on an android device so as yet there is no bullet proof way to remove it on windows a live CD can be used but on android that's not an option. The fact that it is still there in safe mode is worrying because that means it must have found a way to write to the system partition. Was your tablet rooted?

Sent from my C5303 using xda app-developers app
 
  • Like
Reactions: Juggernaut79
Captain Sweatpants

Captain Sweatpants

Senior Member
Feb 18, 2014
329
85
Edinburgh
OK I have been unable to find a solution to your problem without wiping the tablet.
I have assumed the bootloader locked tablet not rooted and USB debugging not enabled the only solution I can see is to boot to recovery and hard reset losing all data. If USB debugging is enabled then it is possible to uninstall apps via adb.

Programming is a race between engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.
 
W

winny stu

New member
Apr 29, 2014
1
0
Ransomeware

deepblue364 said:
Hi All,

I was just helping my son on his nexus 7, we were on castle clash and downloaded a free tapjoy offer called funny ringtones. However when we clicked open/activate it locked his tablet and all it is showing is a blue screen with a keypad on it asking for a pin however we have never set a pin on this so it's obviously part of the virus. It is asking us to click a link then there is a box that asks us to enter the code for a ukash voucher, it says if we don't do this all of his files etc will be wiped off within 24 hours.

I have tried starting the tablet in safe mode but it still just has the locked blue keypad screen showing, please can anyone advise what we can do?


Many thanks
Click to expand...
Click to collapse


i also have same Ransomeware and have failed solve problem via Nexus Root kit software -as my device is locked and am not 100% certain of the ""build number " i wud try factory reset if i cud get it to recovery all app/data back up .
 
Captain Sweatpants

Captain Sweatpants

Senior Member
Feb 18, 2014
329
85
Edinburgh
winny stu said:

i also have same Ransomeware and have failed solve problem via Nexus Root kit software -as my device is locked and am not 100% certain of the ""build number " i wud try factory reset if i cud get it to recovery all app/data back up .
Click to expand...
Click to collapse

You can't recover data the best you can do is boot to recovery power & vol- then factory reset

Sent from my C5303 using xda app-developers app
 
  • Like
Reactions: Juggernaut79
You must log in or register to reply here.

Similar threads

lazaro17
  • Poll
Nexus 7 defects?
Replies
1K
Views
366K
T
Toulouse86
D
Nexus 7 not recognised when connected via USB
Replies
321
Views
321K
K
kingabo
J
[SOLVED] Nexus 7 charger/cable issues
Replies
228
Views
247K
Charles IV
Charles IV
N
[Q][Solved]My Nexus 7 is very slow to charge
Replies
213
Views
249K
H
happy-kat
KidCarter93
Nexus 7 Help Thread
Replies
973
Views
112K
V
VollNoob

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 1
    Captain Sweatpants
    Captain Sweatpants
    deepblue364 said:
    Hi All,

    I was just helping my son on his nexus 7, we were on castle clash and downloaded a free tapjoy offer called funny ringtones. However when we clicked open/activate it locked his tablet and all it is showing is a blue screen with a keypad on it asking for a pin however we have never set a pin on this so it's obviously part of the virus. It is asking us to click a link then there is a box that asks us to enter the code for a ukash voucher, it says if we don't do this all of his files etc will be wiped off within 24 hours.

    I have tried starting the tablet in safe mode but it still just has the locked blue keypad screen showing, please can anyone advise what we can do?


    Many thanks
    Click to expand...
    Click to collapse

    If you have time before the wiping it I will see if I can infect my nexus with this. This is the first time ransomware has been seen on an android device so as yet there is no bullet proof way to remove it on windows a live CD can be used but on android that's not an option. The fact that it is still there in safe mode is worrying because that means it must have found a way to write to the system partition. Was your tablet rooted?

    Sent from my C5303 using xda app-developers app
    View
    1
    Captain Sweatpants
    Captain Sweatpants
    winny stu said:

    i also have same Ransomeware and have failed solve problem via Nexus Root kit software -as my device is locked and am not 100% certain of the ""build number " i wud try factory reset if i cud get it to recovery all app/data back up .
    Click to expand...
    Click to collapse

    You can't recover data the best you can do is boot to recovery power & vol- then factory reset

    Sent from my C5303 using xda app-developers app
    View

New posts