Security researchers have discovered a malicious Android app that secretly takes photographs of users with the smartphone’s front-facing camera, locks the device and then demands ransom.
The Adult Player appears to give access to pornography, but instead displays a photo of the victim and demands payment of $500 using PayPal to unlock the device, according to security firm Zscaler.

The app is the latest example of a growing list of mobile ransomware, which is becoming an increasingly popular way for cyber criminals to extort money from victims.
In August 2015, Intel Security reported that samples of ransomware had increased 127% in the second quarter of 2015 compared with the same period in 2014, affecting mainly desktops and laptops.
“Ransomware attacks have become easier than ever to carry out because of crimeware services that provide attackers with user-friendly graphical user interfaces or consoles to customise attacks,” said Raj Samani, chief technology officer for Europe at Intel Security.
“No technical knowledge is required. All attackers have to do is fill in the email addresses they want to target and wait for the money to come rolling in,” he told Computer Weekly.
Samani said relatively low-cost ransomware attacks typically net thousands of pounds a week for attackers, as companies pay ransoms in bitcoin for the decryption keys to unlock their data. However, he said most ransomware attacks can be avoided through good cyber hygiene and effective, regular data backups that are continually tested to ensure they can be restored if needed.
Companies can limit the impact of ransomware attacks by exercising good governance and ensuring users have access only to the shared drives they need to do their jobs.
“Our recommendation is that businesses need to be proactive because the decryption keys are not always provided when ransoms are paid and being proactive is often easier and less costly than a reactive approach,” said Samani.
By paying ransoms, he said companies should recognise they are contributing to cyber crime by supporting those responsible for it.
The Adult Player app, which is the second example of pornography-focused ransomware discovered by Zscaler, was not available from official app stores such as Google Play where apps are vetted.
Samani said smartphone users can reduce the changes of being targeted by ransomware or other mobile malware by downloading apps only from official app stores.

Zscaler is advising anyone who has downloaded Adult Player to reboot their handset into “safe mode” to delete the malware.

CW+
Features
Enjoy the benefits of CW+ membership, learn more and join.

Leave a Reply