Tablet infected by FBI MoneyPak Virus

[tragicmat1]

Hello,

Like the title says, my tablet has recently been infected by the FBI Moneypak Virus. Although Avast mobile recognizes it as malicious webpage (it's locked my browser), virus scan cannot find it. I do not know what steps I must take in order to rid the virus, so any help would be appreciated. Thank you!

[Ondra Cermak]

If you visited a malicious page and avast! blocked it and you went away, then you are most likely fine and nothing has been downloaded to your tablet. Just to be sure, you can run full scan of the external memory/SD card, but if nothing is found, then you're okay.

[tragicmat1]

Oh no, my tablet has already been infected. I had downloaded Avast AFTER, to see if the scan would do anything (but as I expected it wouldn't). Right now, it's impossible to use the browser on my tablet.

[Ondra Cermak]

I'm not a virus analyst, but I thought that FBI Moneypak is a Windows malware, not Android. What exactly do you see in your Android browser?

[tragicmat1]

It's basically the same as the windows version. It locks your browser, (though not the other functions), and automatically redirects you to the FBI moneypak scam, asking you for money. It lists your IP and location, and the whole fine will increase if not paid by a certain period (12 hrs).

[Ondra Cermak]

I sent your issue to one of our Virus analysts, so hopefully he'll come for the rescue

[tragicmat1]

Thanks a bunch!

[svehlak]

Can you please share whic URL is it? Can not find any ransomware  for android devices.

[tragicmat1]

It automatically redirects me to fbi.gov.id657546456-3999456674.a8764.com/?flow_id=2019&453640=45513/case_id=39994 .

It should also be noted, that I seem to now be able to use my browser after changing my homepage. But, I feel like as I didn't really do anything, the virus might still be lurking. But, I do not know what methods I have to go through in order to fix it.

[svehlak]

Did you try to use another browser? This site has low reputation for sure, but there are no many ways, how to affect browser behavior. Is your tablet rooted? Also, you can use privacy advisor to see, which apps have privilige to use internet communication and change application behavior and may be you will find it..

[tragicmat1]

Yes, if I use another browser, then I can get it to work and unlocked. But, I just wasn't sure if that was just the solution I should go with, or to actually try to get rid of the virus. Perhaps I should just uninstall the default browser? Also, I'm not entirely sure if there are other problems too, as I've avoided using the tablet ever since it has been infected.

Also no, the tablet is not currently rooted.

[svehlak]

I suppose you will not be able to uninstall default browser, but you can try to find in system settings/applications and delete its data. It should be named something like "Browser" or com.android.browser.