Porn App Secretly Takes Your Picture, Then Demands Extortion Payment

There’s a porn-watching app that secretly takes control of your phone, snaps your picture, locks you out of the device, then demands a $500 extortion payment.

The cybersecurity firm Zscaler just discovered that this Android app, called “Adult Player,” is actually just malware in disguise.

It’s easy to avoid, though. Adult Player can only be downloaded from illegitimate websites. If you follow a basic safety rule you’re safe: Only download apps from the official Google Play store.

This is the latest case of something called “ransomware.” That’s a type of malicious software that hijacks your computer or smart device, then demands payment to unlock it.

People who download Adult Player will have their smartphone locked. But what makes this one different is that it takes control of the selfie camera and takes your picture. Then it displays your photo along with the message demanding a ransom. The alert is disguised to look like a message from the FBI.

Zscaler can only identify a dozen people who have been infected — a tiny number. But the way this malware snaps your photo and demands a ransom shows how these cyberattacks are getting more personal — and disturbing.

Even when the device is restarted, this ransomware keeps control over the device with the image of the ransom message staying locked on the screen.

The ransomware requests that the payment be made via PayPal “My Cash” gift card and promises to unblock the phone and decrypt the images within 24 hours of receiving the payment.

Zscaler said Adult Player is likely a more malicious variant of a ransomware app the same cybersecurity firm discovered earlier this year called “Porn Droid.”

To regain control of your device, Zscalser recommends rebooting in “safe mode,” and then clicking on “settings,” then “security,” then “device administrator,” and then deactivating the “Adult Player” app.

From there, you must go to “settings,” then “apps” and uninstall “Adult Player.”

The proposed fixed should permanently free the victim’s device from the blackmailers, unless the user downloads another version of the app.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s