Russian hackers have created an app called Porn Droid, which masquerades as a viewer for adult content.
The hackers are using social engineering, customizing emails and social media messages to target specific individuals, to spread the app, known as Porn Droid, currently aimed at users in the U.S.
When installed on an Android smartphone, the app silently downloads a piece of malware called LockerPIN, which resets the screen-lock PIN and effectively locks the user out of his/her smartphone.
To change the device’s PIN, Porn Droid needs administrator-level access to the phone. The malware uses a new method to obtain that high level of access.
When Porn Droid runs, it asks people to click a button to activate the viewer app. But beneath that window, and obscured by it, is another button for setting device administer privileges.
The malware is also coded to try to shut down three mobile antivirus products: Dr. Web, ESET’s Mobile Security and Avast.
Like most ransomware, the app displays a warning claiming to come from an official source —  in this case, the FBI, telling victims that information about their location and snapshots of their face have been uploaded to the FBI cybercrime datacenter. The warning says that forbidden pornographic sites have been accessed on the victim’s phone.
It then asks for $500 (around £330) to unlock the phone.
If you’re wondering what happens if you bite the bullet and pay up, if only to avoid the embarrassment of admitting you’ve downloaded a dubious app in an attempt to watch porn, it’s not a good option.
Paying the fine doesn’t unlock your phone, and the only way to fix it is to do perform a hard reset.
According to security company ESET, which uncovered the campaign, the only way to recover access to your phone is through a factory reset, which means that all your photos, videos and contacts will be deleted and, unless they have been backed up, will be lost forever.
The Porn Droid app is not available through the Google Play store but can be delivered from third-party markets, warez forums or torrents.
This is the second bit of ransomware technology to hit Android users in the space of a week, after Adult Player took users’ photos without warning and asked for money.
