SAN FRANCISCO (KRON) — Imagine being locked out of your phone and a message on the screen says you need to pay to get access back to your device.
That’s exactly what happened to Matthew Palefsky. “My phone went black. It was like the matrix, all this code came down the screen,” Palefsky said.
Experts say this is a growing crime. Cyber criminals are posing as the FBI and are taking over people’s phones with viruses.
Palefsky was downloading an app on his Android phone when he picked up the virus built by cyber criminals to blackmail people for money.
“There was like an overlay that came over my screen that said FBI warning. Your phone has been locked by the FBI. It said to unlock your phone or get it back, you would have to pay the $500 fee,” said Palefsky.
The message was followed by instructions on how to send cash for the payment through Paypal Cash.
Palefsky says he has tried everything, from turning the phone off to taking the battery out. Nothing has helped and he has no access to anything on his phone.
Downloading antivirus can keep this from happening. Malwarebytes offers free anti-virus software for phones. Click here for a link to download the software from Malwarebytes.
While nothing is certain, cyber security experts say there are a couple tricks to try to get access back after being hacked.
1. TRICKS FOR MOST CUSTOMERS
The best thing to do is get the device into Safe Mode to uninstall and/or deactivate from Device Admin list.
Because of various Android updates and different device/carrier variants there are two common methods they could try. If they don’t, they’ll have to look up how to do it on their particular device.
Jellybean, Android 4.1 and up
Long press Power Off on screen
Press ‘OK’ to reboot to Safe Mode
Prior to Jellybean or above steps do not work.
Press ‘Power Off’ or ‘Restart’
Restart if powered off
Hold ‘Volume down’ button while booting up.
Once in Safe Mode
Navigate to Device Administrators before uninstalling.
Settings -> Security -> Device administrators -> uncheck Malware app -> Deactivate
Navigate to Settings -> Apps locate app uninstall or uninstall with long press from App tray
2. TRICKS FOR TECH SAVVY CUSTOMERS
You can have them try removing via command-line using ADB while connected with a USB.
To get adb you can point them to http://forum.xda-developers.com/showthread.php?p=48915118#post48915118
Or, for the full Android Development kit here: https://developer.android.com/sdk/installing/index.html
The trickiest part is identifying the package name because they obviously try to hide, so the name could be randomized, some adobe flash or porn variation, or one that’s kind of nonsensical.
Best to do while device is in Safe Mode, connect the device via USB with USB debugging enabled.
Using adb, from a command line:
> adb shell
> pm list packages (identify app)
> adb shell am force-stop com.mypackage (com.mypackage is the name of the app)
– with root:
> pm disable com.mypackage
adb shell am force-stop knhd.nduix.kvzpl
adb shell am force-stop com.porno.player
Next uninstall app.