02-16-2018 12:28:03 PM -0800
01-23-2018 09:55:12 AM -0800
01-18-2018 11:02:22 AM -0800
01-09-2018 01:54:15 PM -0800
12-22-2017 09:40:32 AM -0800
It looks like you've previously blocked notifications. If you'd like to receive them, please update your browser permissions.
Desktop Notifications are  | 
Get instant alerts on your desktop.
Turn on desktop notifications?
Remind me later.


How Porn Sites Hold Android Phones for Ransom

 shutterstock_153754553

This sounds fun:

Researchers have uncovered Android-based malware that disables infected handsets until end users pay a hefty cash payment to settle trumped-up criminal charges involving the viewing of illegal pornography.

To stoke maximum fear, Android-Trojan.Koler.A uses geolocation functions to tailor the warnings to whatever country a victim happens to reside in. The screenshot to the right invoking the FBI, for instance, is the notice that's displayed on infected phones connecting from a US-based IP address. People in Romania and other countries will see slightly different warnings. The malware prevents users from accessing the home screen of their phones, making it impossible to use most other apps installed on the phone. The normal phone functions in some cases can be restored only when the user pays a "fine" of about $300, using untraceable payment mechanisms such as Paysafecard or uKash.

Here's how the malware takes over:

"The ransomware's main component is a browser view that stays on top of all other applications, Bitdefender Senior E-Threat Analyst Bogdan Botezatu wrote in an e-mail. "You can press Home and go to the homescreen, but a timer would bring it back on top in about 5 seconds. I managed to uninstall it manually by swiftly going to applications and dragging the icon on the Uninstall control, but it only works if the application icon is on the first row. Otherwise, one wouldn’t have the necessary time to drag it to the top, where the uninstall control is located."

Users must first choose to allow out-of-market apps permission to install, and then install a porn "player" which is actually the malware. But it's certainly easy to imagine scenarios not involving shady porn sites tricking the unwary into having to ransom their own phones.

*****

Cross-posted from Vodkapundit

image via shutterstock / Olena Zaskochenko