Porn ransomware app secretly clicks photos of users


Zscaler, a US security firm, has uncovered a ransomware app called Adult Player which preys on Android users by alluring them with pornography. The application clicks a photo of the person accessing it and then demands a payment.

According to Zscaler, Adult Player is one of many such third-party Android apps. It pretends to be a video player for porn and asks for admin rights when opened for the first time. After the user clicks on activate, it runs a fake update page where nothing happens in terms of an actual upgrade.

Adult Video Ransom Demand

The malware then loads an Android application package called test.apk into the smartphone. This is known as a reflection attack. It’s used to deflect static analysis and detection. The tool next proceeds to check whether the device being used has a front camera. If there is one, it silently clicks a photo of the person accessing the app.

The malicious software subsequently displays their picture on a ransom page and clamps down on the handset. It refuses to unlock the phone until the user pays $500 (roughly Rs 33250). Even restarting the device is of no use, since the application is designed to stay active no matter what attempts are made. Zscaler states that the only way to get rid of the malware is to boot the phone into safe mode.

This forces the user’s device to start with default settings and no third-party apps. The person is then free to go into settings and remove administrator rights for the application, paving the way towards its removal. It should be noted that Adult Player is not an official Google Play Store product and can only be downloaded via third-party sites.

Zscaler advises people to only download applications from trusted app stores. This can be enforced by going into the security settings of a handset and unchecking Unknown Sources.

Leave a Reply

Your email address will not be published. Required fields are marked *

Porn ransomware app secretly clicks photos of users

log in

reset password

Back to
log in