Ransomware hacks Android’s front-facing camera to take embarrassing photos

  • September 8, 2015
  • 2 min read

An Android app that offers pornographic images, Adult Player, has been recently discovered to be a particularly aggressive form of ransomware. The malware secretly takes photos of the unsuspecting victim by accessing the device’s front-facing camera and then locks it, demanding a $500 ransom while pretending to be affiliated with the FBI.

The FBI probably isn’t after you

Unfortunately, as cyber criminals advance their tactics and techniques, the rest of us have to learn to catch up. Ransomware, which has been around for about as long as the PC, is now targeting Androids and other devices.

android_malwareOne of the major scare tactics of ransomware is to catch you in a compromised position, or a fabricate one, and threaten your sense of security in addition to locking your device. That’s often times why “FBI” will pop up in the extortion image that follows infection.

Earlier this year, an app named Porn Droid locked devices and accused the user of accessing child pornography, then demanded $500 as a penalty. Similarly, the app Koler intimidated Android-using victims in the same fashion, and was contracted on pornography websites under the guise of a legitimate app.

The difference with Adult Player is that it can actually take embarrassing photos of you that wouldn’t exist otherwise. And even if you do pay the penalty, who is to say that those photos will actually be destroyed?

Be selective about your downloads

Adult Player, as with many ransomware apps, is not available through Google Play. Often times these malicious apps can be found for direct download through a website, so it’s best to avoid these kinds of downloads unless you have good reason to trust the company behind the app.

Additionally, you should always pay attention to what permissions you grant when you download any app. If an app wants access to your contacts or camera, for example, and it should have no use for those functions, abort the download immediately.

How to remove Android ransomware

While this alert might give some of you a few laughs, it might make another handful of you blush in embarrassment. If you’ve contracted the Adult Player ransomware, follow the steps below to remove it from your device:

  1. Enter safe mode on your device. As there are different methods depending on your device, you might need to do a quick search online, here is one that works for most models.
  2. Go to Security under Settings, and then select Device Administrator. Select the offending app and deactivate it.
  3. Go to Apps, under Settings, and select Uninstall to remove the ransomware app.

Hopefully you have not downloaded Adult Player or any other ransomware for that matter. But in the case that you have, remove it and remember in the future to focus on prevention over cleaning!

Emsisoft Enterprise Security + EDR

Robust and proven endpoint security solution for organizations of all sizes. Start free trial

Have a great, ransomware-free day!

What to read next