Get PJ Media on your Apple

PJM Lifestyle

How Porn Sites Hold Android Phones for Ransom

It'll run you $300 to uninstall the malware.

by
Stephen Green

Bio

May 12, 2014 - 10:00 am

 shutterstock_153754553

This sounds fun:

Researchers have uncovered Android-based malware that disables infected handsets until end users pay a hefty cash payment to settle trumped-up criminal charges involving the viewing of illegal pornography.

To stoke maximum fear, Android-Trojan.Koler.A uses geolocation functions to tailor the warnings to whatever country a victim happens to reside in. The screenshot to the right invoking the FBI, for instance, is the notice that’s displayed on infected phones connecting from a US-based IP address. People in Romania and other countries will see slightly different warnings. The malware prevents users from accessing the home screen of their phones, making it impossible to use most other apps installed on the phone. The normal phone functions in some cases can be restored only when the user pays a “fine” of about $300, using untraceable payment mechanisms such as Paysafecard or uKash.

Here’s how the malware takes over:

“The ransomware’s main component is a browser view that stays on top of all other applications, Bitdefender Senior E-Threat Analyst Bogdan Botezatu wrote in an e-mail. “You can press Home and go to the homescreen, but a timer would bring it back on top in about 5 seconds. I managed to uninstall it manually by swiftly going to applications and dragging the icon on the Uninstall control, but it only works if the application icon is on the first row. Otherwise, one wouldn’t have the necessary time to drag it to the top, where the uninstall control is located.”

Users must first choose to allow out-of-market apps permission to install, and then install a porn “player” which is actually the malware. But it’s certainly easy to imagine scenarios not involving shady porn sites tricking the unwary into having to ransom their own phones.

*****
Cross-posted from Vodkapundit

image via shutterstock / Olena Zaskochenko

Stephen Green began blogging at VodkaPundit.com in early 2002, and has served as PJMedia's Denver editor since 2008. He's one of the hosts on PJTV, and one-third of PJTV's Trifecta team with Scott Ott and Bill Whittle. Steve lives with his wife and sons in the hills and woods of Monument, Colorado, where he enjoys the occasional lovely adult beverage.

Comments are closed.