FLocker. New ransomware attack Android smart televisions.

FLocker is an android mobile lock-screen ransomware, first appeared in May 2015. No wonder why it was once said that 2016 is the year of the ransomware. Since ransomware was detected for the first time it has become the biggest virus threat not only for computer users but for smartphone user too. Now this has evolved to the point that even smart tvs can be hit by Android ransomware. FLocker virus infection on one device may affect multiple devices connected on the same network running android operating system like android tvs. Apparently back in 2015 FLocker (Frantic Locker) was detected in over 7,000 different versions and kept growing. One year later in April 2016 another wave of over 1,200 FLocker variants was identified, showing visible sights of development still on. It seems to be somehow related to Cyber.Police ransomware, previously infecting not only for computer users but also android smartphone.

Malware attack on mobile phones

Frantic Locker ransomware can attack and get to your phone, spreading in a lot of ways: including via SMS messages which involves malicious links, through infected sites or android applications. Once user android phone is infected with the ransom, the malware waits for 30 minutes. To avoid and slip by antivirus analysis, Frantic Locker is hiding under a HTML file inside the “Assets” folder. After 30 minutes are up Frantic Locker attacks the device beginning a background service requesting user to give admin rights. If user denied admin rights, FLocker malware will freeze and display fake system updating massage to scare victims and force them into giving admin access. Once access is granted the virus will start communicating with command and control center, delivering new payload misspelled.apk and ransom note in HTML file with a JavaScript form. Latest FLocker development is the ability to lock smart tvs with android OS.


This ransomware is recently developed and not working on all Android OS versions. The OS on mobile phones and smart TVs are different so not both of the devices will be successfully locked. However once locked Frantic Locker ransomware behavior is the same any malware like this. It will aks users to pay $200 in iTunes gift cards to give access back to infected Smart TV or mobile device. Unfortunately, victims will not be able to find easy solution to fix this problem. Apparently countries in East European are not in the target range. FLocker deactivates itself in devices located in Kazakhstan, Azerbaijan, Bulgaria, Georgia, Hungary, Ukraine, Russia, Armenia or Belarus, FLocker deactivates itself.

Manual steps to remove ransomware or malware. How to prevent ransomware or malware.

For now, removing ransomware or malware manually will only be able for IT specialists. If you don't know one don't worry. We have a solution for you. Over here we will use Spyhunter to remove the virus. The Spyhunter anti-malware is a collection of programs that can be used to scan for malware and clean infected computers. You can also use full anti-malware program in this case which is the better option because it also offers protection.

How to remove "ransomware or malware"

NOTE: In this option the virus will be removed but the files will remain locked! You have to decrypt your files.
  1. Download Spyhunter anti-malware.
  1. 2.  After program has been downloaded, double-click to open it. User will have to install the program. Click on Spyhunter.exe to start the process.
User Account Control dialog may appear, asking you to allow the following program to make changes to this computer. Click "Yes" or "Run" to proceed with the installation. User can also choose variety of languages. Click Ok and the installation will begin with a welcome massage for Spyhunter. Click Next to continue to the next step. User will also have to accept Spyhunter license agreement by clicking on "I accept the agreement" and click Next. Spyhunter will ask user to read important information provided before continuing. Once done click on next to go to the next step. User can choose where to install the program. By default - C:Program FilesEnigma Software GroupSpyHunter. The process will continue and then Spyhunter will install. The installation process may take awhile, depending on a computer system performance. Once the installation is done, click Finish.
  1. 3. Update the software before scanning. Once program has been updated go to scan. You can choose from a free trial version or activate license. It is recommended to buy full version as the trial will not protect computer system.
  1. 4. The scan process will begin. The scan process may take awhile, depending on a computer system performance.
  1. 5. Once the scan is complete you can choose between delete or quarantine the viruses. The quarantine option is recommended and since the malware is active a reboot will be required to finish process.

Click here for guide of how to uninstall spyhunter.

Decrypt ransomware files.

Good news is that we can now use decryption programs. A lot of security companies like Kasperky lab, bitdefender and more has developed a program that is fully capable of decryption key for ransomware malware. You can find this programs anywhere on the internet but it is strongly suggested to download this programs from official websites. NOTE: It may take a long time for your files to be decrypted depending on your PC performance.