Table of contents:
It seems that Android users are more fond of porn stuff than Apple or iOS users. This is what a study by PornHub, the popular porn site, confirmed just a year ago, in which it was confirmed that almost 50% of users accessed this type of page through an Android mobile or tablet. Thus, it is not surprising that a large part of the attacks are focused on what is the majority operating system around the world. The security company Blue Coat has just revealed that some users are being affected by a ransomware attack. The threat would be affecting devices withAndroid browsing through a porn website, the name of which has not yet been revealed. In any case, the malicious code would be inoculating itself on the devices that access the page. But how exactly does this type of threat work? Can my device be affected?
The Blue Coat experts have explained that the threat that would be affecting the users of this porn site would have been baptized as " Cyber-Police ". These would receive a blocking message or warning from the authorities and would try to do everything possible to convince the user that they have to pay to undo it. The most curious thing of all is that they ask the user to pay the fine through the iTunes Store with gift codes. Some codes that cybercriminals later resell to other buyers who, without knowing it, would be participating in an extortion scam.
And what if I have visited a porn site? Are they going to extort money from me too? At the moment, the name of the site has not been revealed, so there is no possibility of alerting about a specific website or service. We do know that the malicious code in question is taking advantage of vulnerabilities in Android 4.0 Ice Cream Sandwich, Android 4.3 Jelly Bean and Android 4.4 KitKat, so if you use a mobile phone with any of these operating system versions, be very careful. During the attack, system applications are completely blocked and the ransomware starts at startup, making it virtually impossible to get rid of.
And what do I do if my device is infected?
The Blue Coat team will publish the full report of this attack on a porn website shortly, but in the meantime, they have already indicated to users that there is a way to get rid of this problem: do a factory reset. For this reason, the company has recommended that users keep personal information (photos, videos, documents…) aside in a backup copy or on the computer's microSD card, so that when cleaning the phone to start from scratch, the process is not devastating to our most important content.
For the rest, and to prevent us from possible attacks, it would be his thing not to visit these types of pages, but… if you can't avoid it, make sure you browse through safe sites. Avoid messages from strangers and do not click on sites or links that you do not know. You will save yourself more than one upset.
