A group of Russian hackers has created an app that purports to be a porn-watching tool but actually locks the phone and demands a ransom. Called Porn Droid, it's being spread by social media and torrent sites and nonaffiliated Android app stores and is aimed mostly at users in the US, security firm ESET said. Once installed, it displays an official-looking warning claiming to be from the FBI that blames victims for watching child porn and says their location and photos have been uploaded to a cybercrime center. It asks for a $500 fine within three days to regain access.
The fake FBI alert, like other ransomware, is designed to scare the victim into rushing to pay a fee to recover their data and prevent their information from being shared with law enforcement. The difference with this particular hack is that it uses Google's Material Design framework to make its threat more intimidating and easier to click through, Zscaler researcher Lukas Stefanko wrote in a blog post. "We've seen other ransomware variants gather SMS activity and call logs, but this is the first one we're aware of that utilizes the new material design to show them," he added.
If you're infected with Porn Droid, the only way to get back access to your device is to perform a hard reset, which restores your phone to its factory settings and wipes out any photos or contacts not backed up to the cloud. But even paying the fine doesn't guarantee you'll regain control of your phone, as some users who forked over money to the creators of another ransomware app called Adult Player found out the hard way.