Adult Player app taking sensitive pictures without consent and extorting $500

A free Android app which promises users free pornographic images has a hidden feature that allows it to take the picture of the user while he/ she is downloading the app using the front camera, hijacks their device and then blackmails them into paying $500 ransom through PayPal.

Spreading malware through computers is not a new phenomenon and would not have taken anyone by surprise but the emergence of hi-tech blackmail through an innocuous (well, not quite so since the users are looking for porn) app is surely something to lose sleep over.

Called Adult Player, the app is disguised as a porn video player- one of the smartest baits to lure people looking for cheap thrills over their handheld devices.

Smartly enough, it is not even listed on the Google Play Store, to escape Google’s prying eyes. However, it is available through third party sites, raising concerns over how Android’s open source system makes it more vulnerable to abuse as compared to rival Apple’s iOS.

In a blog post, Cyber Security firm – Zscaler said, “When the victim starts using it, the app silently takes a photo of the victim, which is then displayed on the ransomware screen, along with the ransom message.”

The app, upon installation, requires users for various permissions including administrator access to install malicious files in a clandestine manner.

The Adult Player app then checks whether the device upon which it is being installed has a front camera (sadly, most smartphones these days are equipped with rather good ones) and after the app is launched on the phone, it takes the user’s pictures silently.

The pictures are then used to generate a customized warning page and demand users to deposit a cool $500 through PayPal to unlock their device.

“Not only does it block your phone but it preserves data you don’t want to exist and is more on the blackmail end,” said Dr. Dreyfus from the University of Melbourne.

The smartly designed app also sends details about the device to a remote server, including information about the device type and operating system.

The warning screen claims to be an “FBI warning” for visiting forbidden pornographic sites and tells users that their device has been locked for safety reasons while listing their location, service operator and details about the version of Android software running on their systems- enough to scare the wits out of most people.

The app creators were smart enough is evident from the fact that the message continues to show up on their screen even if users reboot their device till they deposit the amount as mentioned earlier.

How to Uninstall Adult Player App

  1. Boot the device into Safe Mode. Doing so boots the device with default settings without running any third party apps.
  2. Uninstall the nefarious app. Go to Settings > Security > Device Administrator. Elect ransomware app and deactivate it.
  3. Now, got to Settings > Apps > Uninstall ransomware app.

Experts have long warned users not to fall prey to apps that promise you free content of any kind, reminding them time and again that there is no such thing as free lunch in the corporate world.

Similarly, there is no free porn over the internet- it is up to the users to decide how they are going to pay for it. They can do so by using their credit card or by looking at ads.

Unsuspecting users who ended up coughing out $500 will confirm that. And again, there is no surety that the malware will stop collecting data even after the ransom has been paid.