Categories: NewsSecurity

Koler Ransomware Targets US Citizens With Fake PornHub Android App

People often say the internet is for porn, and to a certain degree they are absolutely right. In the year 2017 however, the Internet is also for ransomware and other types of malware. A new type of malicious software on Android combines both porn and ransomware into one powerful threat. Various adult content websites have been targeted by ads for a fake Pornhub Android app, which effectively contained the Koler ransomware payload.

Koler Ransomware Is Quite Nifty, in a Bad Way

It is never good to see new types of ransomware show up on mobile operating systems. Especially Android users have seen their fair share of malicious software, ranging from banking trojans to keylogger and everything in between. It now appears US customers visiting adult content-oriented websites may fall victim to a new type of Android ransomware, which masks itself as a malicious PornHub app.

It is well worth mentioning Koler is not a new type of malware by any means. This particular ransomware family has been around since 2014, back when the Reveton malware strain was still successful. A lot has happened over the past three years in the world of cybercrime, but some names will always ring a bell. Reveton was quite successful when attacking Windows computers, and the developers decided to port most of the functionality to Android in that year.

One thing about Koler stood out immediately: it had a link to pornographic content from day one. More specifically, the 2014 ransomware strain locked people out of their devices and showed a police-themed warning asking them to pay a fine because of their adult content viewing habits. The amounts demanded back then were very small, but it is something that made the developers quite a bit of money. No one wants to see those kinds of warnings on their phones or tablets under any circumstances.

Related Post

Now that Koler is back, there is plenty of reason to be concerned. An ongoing distribution campaign is taking place right now. It appears the ransomware developers are resorting to a brand new tactic, which could prove to be quite lucrative and successful in the long run. By effectively displaying malicious advertisements on adult content platforms, the developers are trying to trick Android users into downloading a malicious PornHub application.

Once the user downloads this particular application, their device will be infected with the Koler ransomware shortly afterward. As soon as the malware is installed, it will be given root privileges, which can have all kinds of nefarious consequences. This method is often referred to as clickjacking, and it is quite common among Android malware types right now.

With root access, the Koler ransomware can show a ransom message on top of the current screen. It seems little has been done to create a new ransom note, as it still claims to be a message from the US Department of Justice. Users are asked to pay a fee of $500 within three calendar days. It is unclear how this money needs to be paid, though. The fact this ransomware only targets US citizens is rather unusual, considering the malware’s source code reveals geo-targeting capabilities.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

JP Buntinx

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.

Share
Published by
JP Buntinx

Recent Posts

Is Plus Wallet Set to Rule Crypto Security? NGRAVE ZERO Teams Up with MetaMask & Ethereum’s Mekong Testnet Launches

As cryptocurrencies become increasingly integral to financial strategies, individuals are seeking more secure and profitable…

10 hours ago

This Top Altcoin Surpasses Shiba Inu, Dogecoin, PEPE, and Bonk in the 2024 Bull Run

With the bull running in the crypto market, several cryptocurrencies are showing strong potential for…

10 hours ago

2024’s Premier Crypto Hot Wallets: A Comprehensive Guide

For newcomers and veterans alike in the digital currency arena, securing a robust and user-friendly…

10 hours ago

Top Cryptos to Watch in Q4: BlockDAG, Solana, TRON DAO, and Ripple Set the Stage for Future Gains

For those adept at deciphering market trends, pinpointing the next leading cryptocurrency is certainly achievable.…

11 hours ago

Best Crypto Presale to Buy Now in Mid November! This Coin Is Set to Dominate the Next Bull Run

Are you searching for the best crypto presale opportunities to maximize gains during the next…

15 hours ago

Investors Ditch AVAX and Cardano (ADA) as Interest Peaks for New Crypto Presale Seeing Record Volume

All-time highs have been rolling in all summer for the hugely promising Web3 casino Rollblock…

15 hours ago