A new dangerous malware targeting Android devices is on the loose. So far the virus, known as LokiBot, has collected over 1.5 million USD from its their victims.

A new threat was discovered by the security experts from the Kaspersky Lab. LokiBot behaves as a typical banking trojan, generating and distributing fake "bank" notifications. It can also steal the victim’s contacts. It has a specific command to spam all contacts with SMS messages as a means to spread the infection. Furthermore, the malware has an unique option, which allows it to lock the infected devise and prevent the user from accessing it.

Another very interesting feature of LokiBot is its ransomware capabilities. If threaten, the malware can act as a classic ransomware, capable of blocking the device and demanding a ransom of 100 USD in bitcoins.

The security experts from the Kasperski Lab advise against paying the ransom, but instead to revoke the malware’s administrative privileges. In order to do so, the owners of the Android 4.4 to 7.1 devices must hold down the power button until the menu with the “power off” option is displayed. Then press and hold the “power off” button, and finely, in the "safe mode" menu, select OK.