Android Porn App Secretly Photos Users Before Demanding Ransom

Security experts have warned that a popular pornography app may be tricking users into giving away more than they bargained for thanks to some troublesome ransomware.

The Adult Player app, which was not available to download from the Android app store but had to be accessed from other sites, appeared to offer pornographic videos.

However, when opened, it secretly took pictures of the user with the phone’s front-facing camera, before locking the device and displaying a demand for $500 (£330), security firm Zscaler found.

Tricked

Users have to give admin permissions to the app when first installing, which when complete ensures the ransomware is present on the infected device.

Once executed, the user receives the ransom message on their home screen, which says that their device has been blocked for ‘safety reasons’ and that only by paying the $500 can they get it back (pictured left).

Zscaler is telling infected users to reboot their devices in ‘safe mode’, which boots the device with default settings without running third party apps, and to only download apps from recognised sources such as the Google Play store.

Ransomware is proving to be a difficult threat to get rid of, as new variants appear to crop up each month.

Last week, a report by McAfee Labs revealed that there had been a 58 percent rise in ransomware emails over the last year as hackers look to capitalise on social engineering to try and con people out of their money.

An ESET study carried out at the Infosecurity 2015 event earlier in the year also found that over a third of UK companies have either personally been held to ransom by hackers, or know someone that has had their networks infected by ransomware.

“Ransomware and crypto malware, such as that imposed by pornographic app ‘Adult Player’, is rising at an alarming rate,” said Raj Samani, CTO EMEA Intel Security. “Intel Security’s most recent Threats Report uncovered that ransomware shot up 127 percent in the past year alone. We are increasingly seeing hackers blackmailing online users with their most private and sensitive information, or even photos.

“Thanks to the pseudo-anonymity provided by digital currencies such as Bitcoin, hackers can simply buy the skills required to launch an attack online and accept ransom payment through the same technology. This makes ransomware and crypto malware a lucrative enterprise for online criminals – with successful attackers raking in tens of thousands worth of Bitcoin in matter of weeks.”

What do you know about Internet security? Find out with our quiz!