Fake porn app ‘Adult Player’ takes Android user’s picture and demands money

Android users are being told to avoid “Adult Player,” a purported pornography app for Google’s on-the-go operating system that combines X-rated videos with attempted extortion.

The app appears to offer up free porn videos, but researchers at the Zscaler security firm said Adult Player actually installs malware that will force a phone or tablet to lock up until the victim agrees to pay a $500 fee.

“Ransomware” like this has become increasingly prevalent in cyberattacks waged against computers and mobile devices, but the malicious software served through Adult Player adds an unique element that might make a victim more inclined to open their wallet. According to Zscaler, the app makes use of the mobile device’s front-facing camera to take a blackmail picture as the would-be porn program is launched.

Instead of getting X-rated content, users of the app are then prompted with a picture of themselves alongside a phony FBI warning that claims they’ve been caught downloading “banned pornography” and must pay a fine to unlock their device.

“The ransomware is designed to stay stagnant on screen and does not allow the the victim to uninstall it. Rebooting the device does not work in such cases as ransomware app becomes active immediately after reboot, which leaves no scope for the victim to get into device ’settings’ and uninstall the ransomware,” researchers explained in a blog post last week.

To avoid becoming a victim of the Adult Player ransomware or other attack, Zscaler said Android users should avoid downloading random programs and only install apps that have been properly vetted and made available through official stores, like Google Play.

Otherwise, users may have to heed a series of steps outlined by the security firm that explains how to go about removing this particular type of ransomware without forking over the $500 fee.

In June, McAfee Labs said there’s been a 165 percent increase in new ransomware throughout the first quarter of 2015 compared to one year earlier. Last week, researchers at Malwarebytes said that Web pages on the popular dating site Match.com were serving up tainted ads to visitors who were surreptitiously installing viruses, including ransomware, on vulnerable computers.