FBI android virus

FBI virus (also known as “Android porn” or “Adult Player” virus) is now available for android mobile phones as well. It is listed as a ransomware because it locks your certain files and asks you to pay some money in order to unlock them. It is also known as a Trojan Koler malware and if your smartphone is infected with it, you will see a message like this: “ATTENTION! Your phone has been blocked up for safety reasons”. It says that this message is sent by a law enforcement agency (FBI, Australian Federal Police, Metropolitan Police, U.S. Department of Justice) and asks you to pay a fine using one of the following payment systems: GreenDot MoneyPak, Ukash or Paysafecard.

This virus is traveling around the Internet via infected websites. If you are visiting a suspicious looking website and you are offered to install some video player application, do not do this as this possibly can be FBI android ransomware. This virus can only be added to your mobile phone or tablet if you have changed your security settings and have allowed installation of apps from unknown sources, because FBI android virus is not available at Google Play Store. It can also be installed instead of some legitimate looking software, for example Adobe Flash Player update or similar. If you want to avoid getting infected with FBI android ransomware, you should be very careful when browsing the Internet using your mobile device – avoid suspicious looking websites.

The message informs you about a supposedly true fact that your phone or tablet was locked due to some violations made by the owner of the device – for example downloading prohibited content (pornography, copyrighted data and so on). Your mobile device will be completely locked and you will not be able to use it until this virus is not removed for good. Every time you will try to reach some application or simply use your smartphone, you will not be allowed to do this and will see a warning message.

To be able to use your mobile device once again, you will be asked to pay a fine (or a ransom) of approximately $300. The creators of this bogus message prefer this payment to be done using MoneyPak, Ukash, Paysafecard or MoneyGram Xpress voucher payment systems because it is more complicated to track them through these payment networks than when using Paypal or other more popular payment systems.

This ransomware claims that it encrypts your files and the only way to decrypt them is to pay a ransom. The good news is that it is not true. It does not encrypt your files it just blocks you from using your mobile device by displaying pop-over window with the warning message mentioned above. The problem is, that due to this pop-over window you will not be able to reach your system control settings and remove this malware from your device. Even if you try to reboot and then quickly perform this it is not possible, because FBI android virus starts very early when your phone or tablet is just booting.

FBI-virus-android

A lot of users gets scared because this ransomware creates an image of a valid law institution. However, keep in mind that no official institution would ever do that. The message usually looks something like this (the languages may vary  depending on the infected device’s location):

“ATTENTION! Your phone has been blocked up for safety reasons listed below.
All the actions performed on this phone are fixed.
All your files are encrypted.
CONDUCTED AUDIO AND VIDEO.

You are accused of viewing/storage and/or dissemination of banned pornography (child pornography/zoophilia/rape etc.) You have violated World Declaration on non-proliferation of child pornography. You are accused of committing the crime envisaged by Article 161 of United Stated of America criminal law.

Article 161 of United States of America criminal law provides for the punishment of deprivation of liberty for terms from 5 to 11 years.

Also, you are suspected of violation of “Copyright and Related rights Law” (downloading pof pirated music, video warez) and of use and/or dissemination of copyrighted content. Thus, you are suspected of violation of Article 148 of United States of America criminal law.

Article 148 of United States of America criminal law provides for the punishment of deprivation of liberty for terms from 3 to 7 years or 150 to 550 basic amounts fine.

It was from your phone, that unauthorized access had been stolen information of State importance and to data closed for public Internet access.

[…]

The penalty set must be paid in course of 48 hours as of the breach. On expiration of the term, 48 hours that follow will be used for automatic collection of data on yourself and your misconduct, and criminal case will be opened against you.

Amount of fine is 300$. You can settle the fine with MoneyPak xpress Packed vouchers.

As soon as the money arrives to Treasury account, you phone will be unblocked and all information will be decrypted in course of 24 hours.”

You should not pay ransom for these scammers because there are other ways to get rid of it. If you have already done it, please contact your banking service and try to refund your money. Don’t forget to mention that you have paid for a virus or have been scammed, this will improve your chances of getting your money back. If you haven’t done that yet and your android phone is locked right now, please follow the instructions given below and get rid of it.

As reported lately, FBI android ransomware can be removed from your device the same way as Simplelocker ransomware. Avast Malware Removal app claims can both remove the ransomware and decrypt encrypted files.

This is an older variant of a ransomware so it might be that it is no longer actively distributed. If you get infected, the way out of this situation is described below. However, it is more likely to get infected with this type of viruses and not this one in particular. Since 2014 when FBI android virus was first discovered a lot has happened and such crypto-nightmares have become a regularly supplemented family.

How to uninstall FBI android ransomware from your phone

1. Reboot your phone to Safe mode. Press your power button and then press and hold “Power Off” option. If no other option appears quickly, then press “Reboot” instead of “Power off”. When you select to reboot your phone, a new window will pop-up that will offer you to reboot your phone into safe mode. Select “OK”.

reboot-to-safe-mode

If you have done this properly, you will see a “Safe Mode” watermark in the bottom left corner of your screen.

Android-Safe-Mode

2. Uninstall FBI ransomware from your mobile device. Please notice that FBI android virus is hiding behind the name of “BaDoink” so you need to remove this application. Go to settings menu, then click “Apps” or “Application manager”.

android-settings-menu

Search for the app called “DaBoink” (please notice that in the future hackers can change this name, for example it can be called Video Player, Network Driver System, Video Render, etc.). Click on that app an select “uninstall”.

list-apps

After this operation is done, you should see a confirmation message – click “Ok”.

remove-malicious-app

 

If you did all the steps correctly, your device should be unblocked by now. If you have any problems when trying to get rid of the virus, please post your questions as comments below this article.

Read "FBI android virus" in other languages

24 responses to “FBI android virus

  1. This did not happen on my phone it happened on my tablet and Idk what too do please help please

  2. Download antivirus application like Avast Mobile or something similar. You can find it on Google Apps Store.

  3. There are some mobile anti-malware applications and you should definitely get one. Look for it on GooglePlay store.

  4. I have tablet and i do not know what to do please help it just popped up and idk i called support and it cost 99.99 dollars

  5. Cant Uninstall. The uninstall tab is greyed out. When i go into Device Administrators the only thing there is an “Android Device Manager”. I’ve seen other instructions online that state there should be other options under this tab that i should be able to uncheck. I’m afraid that the creators of this virus have improved it and it is now even more difficult to remove!! Plz help

  6. If you can’t remove the virus manually, try to download anti-malware application from Google Play store. Or you can do a system restore of your Android device

  7. Try to download anti-malware application for Android. I’m sure you can find one in Google Play store

  8. I got the message but my phone didnt lock up and i cant find any different apps also my anti viris didnt find anything do i still have it on my phone

  9. I cant delete the app its called xxxvideo and Its Impossible too get rid of I have to pay 500 dollars but I cant and I need help. Idk why I cant delete it even on safemode

  10. Try to download reliable mobile anti-malware application from the Google Play Store

  11. There is a new plugin that comes from porn sites called Porn player. It is about 900kb! Avast don’t touch this one,it disables it!! May the FARSE BE WITH YOU JEDI!

  12. I can’t access my anti-virus app, but the main screen isn’t locked. Can it be FBI hijacker?

  13. I followed all the steps..I put the phone on safe mode and went to settings> application manager and when I search for the app I do not see it..I went to my removal folder and saw something that said xxx.apk and I deleted that but I do not see the app to uninstall..please help

  14. the app was activated in device administrators and i cannot get it to deactivate or uninstall the app. pls what do i do??

  15. I can’t restart my phone at all. I hold down the power button and everything is running in the background but the warning is preventing me from doing anything to my phone. What do I do?

    I also tried turning off the screen to make it go to the lock screen and it didn’t do that after I turned it back on. It went right to the warning screen and it took away my three buttons on the bottom on my screen. What do I do?

  16. Hello, Justin, could you please tell us what Android version your device is running? In case it one of the older ones, you might need to turn off your the device (if it is possible) and then turn it on. When Android logo appears, press and hold volume up and volume down buttons at once. Then follow removal instructions provided in this article. Hope this helps!

Leave a Reply

Your email address will not be published. Required fields are marked *