Free online porn could end up costing people. A fake app promising free pornography is secretly taking pictures of users and demanding ransom.

The Adult Player app appeared on Android and promises users free pornography. However, when the user  launches the app, Adult Player takes over the front camera of the user’s device and takes pictures of the user.  The program shuts down and a “ransomware’’ message appears on the screen. The malware app then demands $500 in exchange for not revealing Adult Player’s pictures of the user. Screens come up saying the FBI has locked the device for looking at “forbidden pornography.’’ Then the victim of the app scam is directed to a PayPal page where Adult Player demands money from the user.

Adult-themed malware is a booming business with the rise of millennials finding porn on their phones and tablets. Legitimate free porn site PornHub had statistics stating that 60 % of their users are 18-34 who view the adult material on their devices.  Adult Player wasn’t on official sites like Google Play, but can still be found by users of adult websites.

The malware was found by ZScaler, a security firm that provides cloud-based protection for devices. ZScaler frequently investigates malware on phones and tablets. Adult Player is a persistent malware app and simply uninstalling it won’t work.

“The ransomware is designed to stay stagnant on screen and does not allow the victim to uninstall it,” explained ZScale on its website . “Rebooting the device does not work in such cases as ransomware app becomes active immediately after reboot, which leaves no scope for the victim to get into device ‘settings’ and uninstall the ransomware.”

ZScaler offers advice on how to successfully uninstall  the malware app.

  1.  Boot device into safe mode (depending on the device). Safe mode boots the device with default settings without running third party apps.
  2. Uninstalling ransomware from device requires to first remove administrator privilege. To do the same, go to Settings -> Security -> Device Administrator and select ransomware app, then deactivate.
  3. Once this is done, go to Settings – Apps – Uninstall ransomware app.

 

“To avoid being victim of such ransomware, it is always best to download apps only from trusted app stores, such as Google Play,” advises ZScaler. “This can be enforced by unchecking the option of “Unknown Sources” under the “Security” settings of your device.”