There is a new strand of ransomware masquerading as a free porn app that is targeting lusty Android users. Here’s the rub: Before seizing control of the victim’s phone, it takes sneaky photos of them using the app. Eew. If you’ve fallen victim to it, here’s how to get yourself out of this sticky situation.
Girl with phone picture from Shutterstock
First off, if you’re downloading apps for free porn, you’re doing it wrong. There are plenty of resources out there for acquiring this kind of content for free so there’s no reason to download shady porn apps.
But if you have downloaded the ransomware app in question, called Adult Player, then here’s what you need to know. The app disguises itself as a porn video player and lures victims to give it admin rights to their Android devices. The malware then assumes control of the device and takes photos of the user on the front camera. (We don’t need to point out why these photos have the potential to be embarrassing.)
Adult Player then displays a message that says the device has been locked for safety reasons and it will cost US$500 to free the device. Sounds more dubious than a bad porn movie plot.
Rebooting the phone does not remove the message and users won’t be able to access the compromised device. Zcaler, the security company that discovered the malware, recommends taking the following steps to get rid of the ransomware:
- Boot device into safe mode (Please note that entering “safe mode” varies depending on your device). Safe mode boots the device with default settings without running third party apps.
- Uninstalling ransomware from device requires you to first remove administrator privilege. To do the same, go to Settings –> Security –> Device Administrator and select ransomware app, then deactivate.
- Once this is done, you can go to Settings –> Apps –> Uninstall ransomware app.
[Via Zscaler blog]
Comments
6 responses to “New Ransomware Targets Porn Fans, Takes ‘Incriminating’ Photos Of Users”
Ahahaha, picture of someone jerking the gherkin for ransomware. So bad, but so funny.
So does the app actually display some porn for a while before taking photos and hitting people up for ransom?
…asking for a friend.
Bah ha ha ha ha ha. I see what you did there.
If I was the developer of this malware, this would be my first test in assessing the viability of a much more malicious version. I’d be testing the rate of pay here, just how the security companies go about investigating it, and the removal success rate. (and perhaps some other insightful data)
From there, I’d take this malware a step further. Remove the need to install some seedy porn app outside of the app store, look at proper infection points and distribution options. Stagefright would be a great one here, as it appears the majority of devices are vulnerable to it, and Google has little intention of fixing it. You could use this vector to infect others in your contact list as well, spreading quite easily.
Perhaps, next, also take a page out of the cryptolocker book, and encrypt all the personal data on someone’s phone. not before uploading it somewhere with a threat to distribute if the ransom isn’t paid.
This is the direction I see Android malware going soon, simply because Google doesn’t do anything to prevent it. (Yes, I’m aware updates are provided/controlled by the manufacturers and carriers, but that’s Google’s fault for allowing them to ever get involved in the security update process)
oh no you have a picture of my dick???? who cares. *boots into safe mode and uninstalls app*…
like seriously everyone has sex / watches porn dont get why the photos matter all that much. all they are going to learn about you is that your human *Shock horror*
Once again Android had it first!
Android is easier to submit bogus apps so this should be fixed. Personally I only use apps directly from big sites like Fapshows.com or Livejasmin.