New Android “ransomware” insists you must pay a $300 fine because you watched awful porn

"Ransomware" is one of themobile malware sub-genres in circulation. It eats up your screen realestate with a warning that you somehow engaged in horrible crimeactivity and therefore must pay a ransom. The latest contender toemerge in this rare niche is Android-Trojan.Koler, and boy, is it anasty one! As its name not-so-subtly suggests, it creeps up onAndroid devices and is as smart as to use geolocation to properly"locate" its alarm bells to the user's actual country andrelative crime burreay. It accuses you of watching banned pornographyand demands a $300 ransom, which should be paid off through covertpayment mechanisms like Paysafecard and uKash. Thankfully, real-lifeoffenders rarely get away this easy.

The ransomware works by preventingusers from accessing their phones' home-screens and making itimpossible to browse menus and use apps as normally. BitDefendere-threat analyst Bogdan Botezatu explained that Koler.A opens abrowser view that stays on top of other apps. Users can press Homeand return to the home-screen, but a 5-second timer brings back thespam on top.

Luckily, this trashy piece of codeisn't being distributed via the Google Play Store, which saw itsshare of malware-related mishaps lately. The way it reaches yourAndroid device is by installing itself when browsing certain pornsites. These sites claim that the malware's download is actually anAPK for a video player used for premium access. We don't have a listof websites to serve, but as an Android user, you should be awarethat downloading APK's from sketchy websites is a sure way to getinfected.

via ARSTechnica