Watch Pornhub on your smartphone? Beware of this ransomware scam


Android users who watch adult site Pornhub from their smartphone are being warned about a new ransomware scam.

The scam, which was discovered by security firm ESET, tricks users into downloading a malicious piece of software disguised as the Pornhub app.

However, rather than providing access to the site’s adult content, the malicious app locks the victim out of their smartphone, before demanding a payment of $100 as ransom.

“When the app is launched, instead of showing pornographic videos, it shows the user a message that says the device must first be ‘checked for viruses’. After clicking OK, the fake AV, which is made to look like Avast, runs its scam scan,” ESET wrote on its security blog.

Pornhub has an official app but it is not available to download from the Play Store due to Google’s terms on adult content.

Fake Pornhub Android app

Fake Pornhub Android app. Image ESET

This means that Android users have to download the app from unofficial app stores, which cyber criminals have targeted with malicious apps and where malware and ransomware is more prevalent.

Where cyber criminals once used fake antivirus apps as a way of tricking unsuspecting users into downloading malware, they are increasingly using fake apps for sites like Pornhub, ESET said.

The advice from ESET is to always backup the data on your phone, have up to date antivirus installed on your device and above all else, avoid downloading apps from unofficial app stores.

The security firm also warned that paying the ransom might not be the best solution.

“As far as ransomware on Android is concerned, we have seen several variants where the code for decrypting files or uninstalling the lock- screen was missing altogether, so paying would not have solved anything.”

Source: ESET [pdf]


Comments are closed.