Adult Player app lures Android users into ransomware trap

9 Sep 2015

Adult Player is the name of a newly-discovered piece of Android ransomware, which takes an image of the user, locks the phone and demands US$500 to go away.

Found by Zscaler, the app lures in its victims by pretending it’s a pornographic video player and, once you click on it, the phone takes a snap of you, locks and demands the money.

“There is no porn. The user gets duped, big-time,” said Deepen Desai, director of security research at the US cybersecurity firm Zscaler.

The only option, on first viewing, is to pay the money into a Paypal account.

Frozen on screen, you can’t simply turn off and on your smartphone, as it runs immediately on start-up, again.

The only way to get around it is to reboot in safe mood, remove its administrator privilege – which you will have given upon opening it in the first place – and then uninstall it.

Adult Player Ransomware

The image shows (from l-r) the app, the permissions request, the image shot/lock screen, and ransom note , via Zscaler

“To avoid being victim of such ransomware,” said Zscaler, “it is always best to download apps only from trusted app stores, such as Google Play. This can be enforced by unchecking the option of ‘Unknown Sources’ under the ‘Security’ settings of your device.”

This is actually the second such example of ransomware tied to pornography that the company has found recently.

Back in May the security company discovered Porn Droid, which worked in much the same way. You clicked on the app, it seeks permissions that, once you agree, leave you high and dry.

On that occasion, Zscaler’s ‘safe mode’ attempt to uninstall the app doesn’t appear to have worked.

The moral of the story, stop giving installs crazy permissions, and stop downloading dodgy adult apps.

Main image via Shutterstock

Gordon Hunt was a journalist with Silicon Republic