.... some quotes from the article above:
A new ransomware family is targeting Android devices, locking access to the screen, and constantly pestering the user to enter his payment card details.
According to Fortinet researcher Kai Lu, the one who discovered this new threat, the ransomware appears to be targeting only Russian-speaking users, as its ransom note is only available in Russian.
There are several things that stand out about this threat. The first is the humongous ransom demand it asks victims for, which is 545,000 Russian rubles (~$9,100).
This ransom demand is between 10 and 100 times over the price of some phones, and most users who can't remove the screen locker will instead choose to buy a new phone rather than paying the crooks.
To pay the ransom, victims have to enter their credit card number directly in the ransom screen, a technique very different from how other ransomware operators like to work, which is via Bitcoin, Tor, or gift cards.
As mentioned before, this ransomware is currently targeting only Russian users. Just like most Android malware today, this threat is hidden inside an app that requests users to give it administrator rights.
The app is most likely downloaded and installed from third-party app stores. Because the ransomware gets admin rights, users have to reboot their devices in safe mode and remove the app from there.