DoubleLocker Ransomware is spreading as a fake Adobe Flash update via compromised websites. Malware demands 0.0130 BTC (approximately USD 74.38) and threatens victims to pay the ransom within 24 hours. Once executed, the malware changes the device PIN to a random value that neither attacker knows nor stored anywhere. If the ransom is paid, the attacker provides the decryption key to unlock the files and remotely resets the victim’s device. Users can factory-reset their phone to get rid of the malware. For rooted Android devices, victims can use Android Debug Bridge tool to reset PIN without formatting their phones.
Source: https://thehackernews.com/2017/10/android-ransomware-pin.html