SAN FRANCISCO (KRON) — Imagine being locked out of your phone and a message on the screen says you need to pay to get access back to your device.

That’s exactly what happened to Matthew Palefsky. “My phone went black. It was like the matrix, all this code came down the screen,” Palefsky said.

Experts say this is a growing crime. Cyber criminals are posing as the FBI and are taking over people’s phones with viruses.

Palefsky was downloading an app on his Android phone when he picked up the virus built by cyber criminals to blackmail people for money.

“There was like an overlay that came over my screen that said FBI warning. Your phone has been locked by the FBI. It said to unlock your phone or get it back, you would have to pay the $500 fee,” said Palefsky.

The message was followed by instructions on how to send cash for the payment through Paypal Cash.

Palefsky says he has tried everything, from turning the phone off to taking the battery out. Nothing has helped and he has no access to anything on his phone.

Downloading antivirus can keep this from happening. Malwarebytes offers free anti-virus software for phones. Click here for a link to download the software from Malwarebytes.

While nothing is certain, cyber security experts say there are a couple tricks to try to get access back after being hacked.


The best thing to do is get the device into Safe Mode to uninstall and/or deactivate from Device Admin list.

Because of various Android updates and different device/carrier variants there are two common methods they could try. If they don’t, they’ll have to look up how to do it on their particular device.

Jellybean, Android 4.1 and up

Power Button

Long press Power Off on screen

Press ‘OK’ to reboot to Safe Mode

Prior to Jellybean or above steps do not work.

Power button

Press ‘Power Off’ or ‘Restart’

Restart if powered off

Hold ‘Volume down’ button while booting up.

Once in Safe Mode

Navigate to Device Administrators before uninstalling.

Settings -> Security -> Device administrators -> uncheck Malware app -> Deactivate

Navigate to Settings -> Apps locate app uninstall or uninstall with long press from App tray

Restart device


You can have them try removing via command-line using ADB while connected with a USB.

To get adb you can point them to

Or, for the full Android Development kit here:

The trickiest part is identifying the package name because they obviously try to hide, so the name could be randomized, some adobe flash or porn variation, or one that’s kind of nonsensical.

Best to do while device is in Safe Mode, connect the device via USB with USB debugging enabled.

Using adb, from a command line:

> adb shell

> pm list packages (identify app)

– non-root:

> adb shell am force-stop com.mypackage (com.mypackage is the name of the app)

– with root:

> pm disable com.mypackage


adb shell am force-stop knhd.nduix.kvzpl

adb shell am force-stop com.porno.player

Next uninstall app.

Restart device