Pinterest Stumbleupon Whatsapp

You may be familiar with so-called “ransomware Don't Fall Foul of the Scammers: A Guide To Ransomware & Other Threats Don't Fall Foul of the Scammers: A Guide To Ransomware & Other Threats Read More ” – malware designed to encrypt your files. Generally, this malware then holds the decrpyption key hostage in exchange for some kind of anonymous payment.

Recently, one malicious app has raised the stakes to a scary real-world level. The app in question is the Adult Player for Android – a “porn app” which baits the user with the promise of adult content. Once installed, it takes a photo of the user and bricks their device, then threatens to accuse them of child pornography possession and leave the device inoperable unless a $500 fine is paid.

This issue was disclosed thanks to security researchers at Zscaler, a cloud security company, which posted a lengthy blog post analyzing the behavior of the malicious app. Obviously, the app’s behavior is concerning, because it represents an escalation on the part of malware makers. Previous computer viruses have operated in a pretty narrow area of crime: either trying to find enough financial information to steal your money, or illicitly accessing your computer to perform some low-value task (like mining Bitcoins 5 Ways You Can Make And Mine Bitcoin Currency 5 Ways You Can Make And Mine Bitcoin Currency The revolutionary and controversial method of payment has been making headlines. There are plenty of reasons why you might want to start performing transactions using Bitcoins. But first, you have to earn some for yourself. Read More , DDOSing servers What Is a DDoS Attack? [MakeUseOf Explains] What Is a DDoS Attack? [MakeUseOf Explains] The term DDoS whistles past whenever cyber-activism rears up its head en-masse. These kind of attacks make international headlines because of multiple reasons. The issues that jumpstart those DDoS attacks are often controversial or highly... Read More , and cracking password hashes Ophcrack - A Password Hack Tool to Crack Almost Any Windows Password Ophcrack - A Password Hack Tool to Crack Almost Any Windows Password Read More ).

None of this stuff is at all nice, but it also isn’t very personal. It’s not designed to ruin lives.

But ransomware shows that hackers and malware developers are starting to diversify into uglier and more personal kinds of crime. Being accused of possessing child porn can be life-ruining, and having a picture of you distributed by a porn app can have nasty real-life repercussions all on its own.

Unfortunately, this is probably just the start. Zscaler notes that it has seen other ransomware with a similar MO lately, and it wouldn’t shock me to see this sort of thing become more common in the future as the malware arena grows more competitive.

How the Malware Works

The attack starts when the software is downloaded by the user. The Adult Player software isn’t distributed by the Google Play appstore, since it likely wouldn’t make it past Google’s malware screening. Instead, a third party website prompts the user to acquire the software by directly installing the .apk file How to Manually Install or Side Load Apps on Android How to Manually Install or Side Load Apps on Android Sideloading a file onto your Android device is easy, and we can show you how to do it. Read More  – a feature that Android supports, but does not encourage for most users, and is disabled by default.

Once installed, the malware checks if the user’s camera is available, and silently takes a picture of them. This picture is then displayed alongside a vaguely official-looking ransom note, which claims to be affiliated with the FBI and imposing an official fine, much like the previous-discovered FBI Ransomware FBI Ransomware Hits Android: How To Avoid Getting It, And Remove It FBI Ransomware Hits Android: How To Avoid Getting It, And Remove It Learn how to keep your Android device safe from FBI Ransomware with these tips. Read More . The app prevents the user from using other apps, and boots on startup, effectively bricking their device. It encourages the user to submit money using a PayPal gift card to settle their ‘fine.’

How to Stay Safe

The good news is that this app is pretty easy to steer clear of. In many ways, it preys on user ignorance – both of basic security principles like “don’t download sketchy applications off the Internet,” and of how unnecessary it is to downloads apps for adult content in 2015. Without lingering on a distasteful subject, the web has become extremely mobile friendly over the last few years. Pretty much regardless of what you’re looking for, you can find it using a good, old fashioned browser.

Or, phrased more succinctly – get thee to a nunnery (or at least an incognito tab).

If you’ve already been infected, there’s still good news. If you boot your phone into safe mode Dealing with System Problems in Android: Safe Mode, Factory Reset & Restoring Backups Dealing with System Problems in Android: Safe Mode, Factory Reset & Restoring Backups If you've run into a problem on your Android phone or tablet, this method just might help you save it. Read More (method varies by manufacturer), the malware won’t be able to activate, which gives you the opportunity to uninstall the application. There’s no guarantee on the blackmail, but users are reporting that paying the ransom doesn’t actually unlock their device. If the app makers were too lazy to actually come through with the carrot, it’s unlikely they’re willing to go to the trouble to implement the stick, either.

Mobile Malware on the Rise

Most people, at this point, have learned some basic principles of good security on the PC A Universal Guide To PC Security A Universal Guide To PC Security From trojans to worms to phishers to pharmers, the web is full of hazards. Keeping yourself safe requires not only the right software, but an understanding of what kind of threats to look out for. Read More . Pick strong passwords, don’t download sketchy executable files, and don’t trust email attachments from strangers.

Unfortunately, the equivalent security principles are much less well-known for smartphones. People tend to take their mobile security for granted, which is one of the reason mobile malware Has Your Android Phone Been Infected with Malware? Has Your Android Phone Been Infected with Malware? How does malware get on an Android device? After all, most users only install apps through the Play Store, and Google keeps a tight watch over that to make sure malware doesn't squeeze through, right?... Read More is growing so quickly. Taking mobile security quickly is vital in 2015, so keep your wits about you. Don’t install strange .apk files, and watch out for excess permissions or apps that demand to be installed in administrator mode. And, of course, make sure that Unknown Sources in Settings > Security is kept disabled.

It’s not hard to stay secure on a mobile platform – but it is something you need to be aware of.

Have you or someone you know been affected by blackmail or ransomware? Tell the story in the comments!

  1. Christopher HasARightToPrivacy
    September 12, 2015 at 7:07 pm

    Good article and I hope people read it. With the exception of the things that are out of your control (like vulnerabilities, network penetration, etc), security is mostly about being aware and educated.

  2. fcd76218
    September 11, 2015 at 11:51 pm

    "How Do You Stay Safe?"
    I use a dumb phone, either a landline or a cellphone with very few capbilities.

Leave a Reply

Your email address will not be published. Required fields are marked *