Shopping

Android porn app takes your mugshot, holds your device ransom

Android porn app takes your mugshot, holds your device ransom

Bad news, mobile porn viewers! The FBI knows what you’re up to. They’ve taken your mugshot and they’re going to need you to transfer $500 via PayPal before you can do anything with your phone again.

It’s a shakedown attempt some enterprising criminals concocted. The idea is simple enough: trick a user into installing an app that disguises itself as a porn video player, sneak a few extra permissions in thinking that they’re so eager to get at the goods that they won’t read them, and then hijack the startup process and hold the infected device for ransom.

This particular strain is unique, though. As part of the extortion attempt, Adult Player snaps a picture of its victims using the front-facing camera. The malware then locks the device and displays the shame pic/ransom request. Rebooting does nothing, because the ransom screen butts in before the launcher and locks the phone up again.

The good news is that ZScaler didn’t find Adult Player lurking in Google Play. They discovered it in some third-party app stash, presumably either a shady store or as a standalone .APK on a similarly shady website.
The other good news is that it’s not a terribly sophisticated piece of malware. Reboot your Android device into safe mode, and you can easily uninstall Adult Player. Then remind yourself that you should stick to downloading apps from places like Google Play or the Amazon Appstore.

CommentsAdd a comment

shopping

FacebookTwitterYoutube