We hear it a lot in the news about Ransomware attacks targeting organizations or even cities, but did you know you can get Ransomware on your Android device?

What is Ransomware and how does it work?

Ransomware can come in many shapes and forms with thousands of new variants hitting the internet a day they all have something in common.

  • Crypto Ransomware – Takes over your device and encrypts your files to prevent you from accessing them. This kind of ransomware is most common on computers. It can come in many forms from office documents to programs we download online.
  • Locker Ransomware – denies you access to your device (often by locking the user interface or using a popup overlay) instead of encrypting your files. This kind of ransomware is the most common on Android phones and other mobile devices. Imagine you would not be able to check your Facebook or Instagram until the ransom was paid.


The Dr. Evil’s of the digital world, ransomware can hold your files for hostage for a small price, with a hacker demanding that you pay a ransom (using Bitcoin or some form of payment) to have them release your files.

Last year, the average ransom demand was over $1,000. If you don’t pay or have a good backup solution you risk losing your files forever. Even if you do pay the ransom there is no guarantee that you are going to get your files back. After all you are dealing with a criminal.


It’s also important to mention that ransomware and locker ransomware is not a virus – its malware. While both share the mutual goal of infecting and destroying your digital files, viruses are able to replicate in order to wreak havoc on your systems.

Can Android devices get ransomware?

Your computer isn’t the only device that could end up with ransomware. Android phones and other IoT (Internet of Things) devices can get ransomware, but Android phones have become a popular target for hackers.

How does ransomware get on my phone?

Great question… Mobile ransomware is deployed on your mobile device in a few different ways. We have seen it deployed from the Google Play Store, malicious text messages that want you to download an APK file from some website that you probably have never heard of. You won’t get it from surfing websites or random popups that show up. You will have to physically install an app on your phone.

Types of Android Ransomware

So lets take a quick look at some of the Android ransomware that is out there.

Inspired by the notorious WannaCry ransomware attack that was all over the news a while back. Developed by Chinese hackers, WannaLocker targeted Chinese Android users via popular gaming websites. But unlike the $300-$1000 ransoms we are used to seeing this ransom was around 40 Chinese Renminbi (about 5-6 USD).

Another Android attacker, the aptly named DoubleLocker ransomware was a double whammy for Android users because of its ability to both encrypt a user’s data and change the device’s security PIN code. Early versions of the ransomware are thought to have emerged in May 2017. Also spread as a fake Adobe Flash update via compromised websites, DoubleLocker is the first ransomware to misuse Android accessibility, a tactic Android banking Trojans use to steal banking credentials. This means that future versions of DoubleLocker might be able to steal money directly from your bank account, in addition to extorting money from you through ransom payments.

LeakerLocker made waves in the news after a sort of Android internet browser ransomware. Instead of encrypting the victims’ files, LeakerLocker threatens to share your personal data (photos, messages, web history, emails, location history and so much more) with all your phone and email contacts. This means your boss could suddenly be staring at those “sensitive” photos you sent to your significant other. Hiding on Google Play as a fake app, LeakerLocker demands a ransom of around $50.

So how does Locker Ransomware work?

Good question. We could have gotten super technical in this article, but we won’t. Instead we have a picture to explain it.

What if I get infected, Level 10?

There are a few things you can do as a personal user of a device such as restoring the phone from safe mode or even restoring it from a backup if you have its setup correctly, but what if you are a company?

That’s a little different.

Call Level 10 Technology today to find out how you can secure your mobile devices from Locker Ransomware or even Ransomware.

We can be reached at 931-645-2322.