Porn app took secret photos of users

BBC.com ^ | 7 September 2015 | BBC staff

[Swordmaker]

A malicious Android app that held people to ransom has been found by US security firm Zscaler.

Adult Player appeared to offer pornography, but secretly took pictures of users with the phone's front-facing camera.

It then locked the user's device and displayed a demand for $500 (£330) which was difficult to bypass.

One security expert told the BBC that ransomware was a lucrative and growing area of cybercrime.

Ransomware

The Adult Player app demanded a payment of $500 (£330).

Apps which demand money from people with a threat to release private information, or wipe a device, are known as ransomware.

In August, Intel Security said examples of ransomware had increased 127% since 2014 - primarily affecting desktop computers and laptops.

"One of the reasons for the increase is that it's very easy to make," said Raj Samani, chief technology officer for Intel Security in Europe.

"There are people you can pay to do the work for you, and it pays really well. One group we tracked made more than $75,000 in 10 weeks.

"Apps like this rely on the embarrassment factor. If you don't pay, your reputation is on the line."

Adult Player was the second example of pornography-focused ransomware discovered by Zscaler.

The app was not available from vetted storefronts such as Google Play, but could be installed directly from a webpage.

[rjsimmon]

Instead of “Ransomware”, in this instance I believe the name should be “Shameware” (not “Sham Wow”).

Although I suspect most of the perps have none...

[Army Air Corps]

Personally, I find this amusing.

[Farmer Dean]

I bet they catch a lot of libtards masturbating in their Mom’s basement.

[nascarnation]

[Dilbert San Diego]

Well I had the same thought, wondering what people are doing when watching this stuff, are they undressed etc. The potential for very embarrassing pictures is there.

[dainbramaged]

Did they catch Carlos Danger buffing his clown?

[Westbrook]

You’re better off with a flip phone.

And be sure to turn the locator off.

Windows phones actually might be more secure than Android or Apple, which have shown themselves to be hideously vulnerable, probably due to the fact that the Android and iOS are just glorified spyware, anyway.

[alancarp]

It’s amusing today, but not tomorrow when these extortionists branch out into apps that masquerade as games or actually useful-sounding utilities. That’s the obvious next step.

[Swordmaker]

Another Ransom Ware attack for Android. . . notification for Apple Mac users who prefer to use Android phones or tablets with their Mac computers. This attack comes from using a, ahem, porn app that uses the front facing camera to photograph the user while watching the porn, then demanding locking the Android phone and demanding $500 (330 British pounds) to unlock it, plus if it is unpaid, they threaten to publicize the user's porn use. Apparently on Android it is extremely difficult to unlock the malicious locking. — PING!

Ping also to ThunderSleeps, DayGloRed and Shadow Ace for their ping lists.

Android Malware
Ping!

The Latest Apple/Mac/iOS Pings can be found by searching Keyword “ApplePingList” on Freerepublic’s Search.

If you want on or off the Mac Ping List, Freepmail me.

[Trapped Behind Enemy Lines]

Yup.

Karma.

Just like with Ashley Madison.

[Popman]

Wow...if this app ever took a picture of me naked...

I could make them pay me to not post the picture...

Nobody wants to see me naked...

[FlingWingFlyer]

LOL! So did I.

[Army Air Corps]

I do agree with you on that point. Isn’t that being done already?

[pgyanke]

Personally, I find this amusing.

Personally, this scares the hell out of me. How long will it be before you find a photo-shopped image of yourself on your computer with a ransom demand to prevent the destruction of your good name? They start with legitimate pictures... then they will take it to the next level.

[ImJustAnotherOkie]

And moms hugging the washing machine on spin

[McGruff]

Imagine what he could get for somebody’s private email server files.

[Boogieman]

Actually, those kinds of ransomware predate this. This is a newer iteration.

About 3 years ago my company got hit by one, because an employee downloaded a program, and it went and encrypted every file on the networked drive. Luckily, if you have backups, you can just restore from those and delete the encrypted files.

Otherwise, there is no way to get the files back without paying the “ransom”. Of course, there is no way to know that if you pay, they will give you the correct key. Most of the time, paying them does seem to work, but I would refuse to do that on principle.

[McGruff]

[Swordmaker]

I was on a totally innocuous website with iPad Safari the other day and suddenly a strip of top to bottom white appeared, with "FBI HOMELAND SECURITY ALERT!" flashing at the top. it them proceeded to claim that "Kiddie porn has been detected on your computer and an automatic fine of $500 is being assessed". It went on to tell me that I could avoid further FBI or Homeland Security action by Paying through the requestor, calling a phone number and paying the fine immediately by credit or debit card, or clicking on the PayPal logo and paying through that means. It then popped up a requestor that HAD to be responded to which offered the choice of PayPal, Call, or OK. No Cancel.

Obviously, I knew there was no possibility of any kiddie porn on my computers or iOS devices. Zero. None. I also knew that the FBI/Homeland Security did not operate in such an absurd manner; acting as arresting agency, judge, jury, and court clerk to collect a fine.

It was obvious the Ransom Ware was a multi-page script, because closing it re-opened it. Forcing Safari to quit and re-opening Safari, brought back the last session as normal. . . but that page re-opened with the same requestors.

However, you can get rid of it easily in iOS by going to setting while Safari is not running, selecting the Safari listing in Settings, and choosing Clear History and Website data. Then restarting Safari. GONE.