Android Apps Blackmailing Users with Secret Photos, Demanding $500 Ransom


A new ransomware has been discovered targeting Android devices. Pretending to be a pornography app, it secretly takes selfies of users and then lock them out of their devices.

Security researchers have reported that the Adult Player Android app, which masquerades as a pornography app, locks users out of their devices, demanding a ransom. Once installed, it takes unauthorized photos of the user after which it threatens them to expose their private information and delete user data on the devices. User is also locked out of the phone which they can only unlock after they agree to pay a ransom of $550 via PayPal using their smartphone.

Restarting the device also doesn't get you out of this problem as once you reboot your device, the ransom message appears back on the screen. As you are locked out of your device, uninstalling the app goes out of the question. However, there is a way that you can get rid of this malware. Here's what Zscaler, the security firm that discovered the ransomware, suggests to get out of this trouble:

  1. Boot device into safe mode (Please note that entering "safe mode" varies depending on your device). Safe mode boots the device with default settings without running third party apps.
  2. Uninstalling ransomware from device requires you to first remove administrator privilege. To do the same, go to Settings --> Security --> Device Administrator and select ransomware app, then deactivate.
  3. Once this is done, you can go to Settings --> Apps --> Uninstall ransomware app.

This is not the only app pretending to be a porn app to get control of your device and then demand ransom. There are several other variants of similar apps and the best way to stay away from apps which install malware on your device is to stick to trusted app stores like Google Play Store. Go to your device Settings and uncheck "Unknown Sources" under the Security options to enforce this.