Security firm Zscaler recently discovered a mobile ransomware variant that lures victims in with the promise of free pornography. Once a device is infected, the app silently snaps a photo with its front-facing camera to use as leverage in order to swindle money from the victim.
The app, known as Adult Player, asks users for administration privileges during installation which should automatically throw up all sorts of red flags. In the event a user grants admin rights, the malware gets to work behind the scenes and checks to see if the host device has a front camera.
If so, the app takes a photo of the unsuspecting victim and gathers more information about the device before beaming it back to the hacker's home server. From there, it locks the device down and displays a typical ransomware message asking for $500 to unlock it.
The ransomware also display the image of the user it captured, no doubt in an attempt to scare them into coughing up the money to avoid legal trouble or embarrassment. The app has been coded to remain onscreen even after a reboot. Zscaler notes that users will need to boot into safe mode to uninstall the offending app.
As you might have guessed, the Adult Player app wasn't offered via Google Play which highlights the risks associated with downloading apps from third-party sources.