Fake Pornhub apps locks you out of your Android device and installs ransomware

Hackers demanding $100 in Bitcoin to unlock Android device affected due to ransomware installed by fake Pornhub apps

It is no secret that fake porn apps are on the rise. Instead of providing you with stuff as promised, these risky apps actually install malicious software on your device.

Security researchers from ESET have recently discovered that a rogue version of the adult website app is actually a ransomware in disguise. Apparently, Android users attempting to access Pornhub on their smartphones are being tricked into downloading malicious software.

Nicknamed Android/FakeAV.E by ESET, the fake Pornhub app promises to serve pornographic videos but it instead infects and locks users out of their handsets, demanding a payout in exchange for their release.

Pornhub has an official app, but it’s not available on the Play Store due to Google’s stance on pornographic content. This means those users interested in downloading the app go for less familiar avenues, unofficial app stores that leave them more susceptible to opportunistic hackers. This makes the job easier for attackers.

“Fake copies of legitimate antivirus programs used to be the domain of rogue AVs on Windows,” reads the ESET report. “Curiously, the malware, detected by ESET as Android/FakeAV.E also abuses another well-known brand: it spreads by pretending to be a mobile app for the adult video website Pornhub.

“When the app is launched, instead of showing pornographic videos, it shows the user a message that says the device must first be ‘checked for viruses’. After clicking OK, the fake AV, which is made to look like Avast, runs its scam scan.”

It installs ransomware that locks you out of your smartphone and asks you to pay $100 in Bitcoin to release it from its hostage situation.

“Target-wise, Android ransomware operators have been shifting their focus from Eastern European to US mobile users,” ESET said. “However, last year also demonstrated an increased activity on the Asian market.”

According to ESET, the number of Android ransomware detection has grown in year on year comparison by more than 50%, with the largest increase in the first half of 2016.

For simple lock screen ransomware such as this fake Pornhub app, ESET recommends booting your Android gadget into Safe Mode and then uninstall the malicious app. ESET has encouraged users to keep a mobile security app installed and up to date. The firm also recommends keeping a backup of all important data. More details and tips to stay safe can be found in this whitepaper.

To keep yourself safe from such ransomware attacks, avoid downloading third-party applications from unknown sources outside the official Google Play app store. Secondly, avoid downloading Android porn apps altogether.